March 27th, 2002, 07:41 PM
Outlook is history WMP is new Target ...
They have discovered that the program allows malicious hackers to easily bypass Outlook's new security features, which block delivery of dangerous e-mailed attachments and turn off active scripting by default. A downloadable security update from Microsoft adds the same protections to Outlook 2000.
The experts say HTML-formatted e-mail containing code identified as a file that Media Player "trusts" can be embedded in an e-mail, which Outlook will then automatically allow the player to execute.
Users can turn off scripting in Outlook and Explorer, but scripting cannot be disabled in Media Player. The exploit will work with WMP versions 7 and 8, even if scripting is disabled in Outlook and Explorer.
oh goody...well....WMP is a bloated pile of crap anyway ...
I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson
March 27th, 2002, 07:56 PM
So what there saying is that an html coded e-mail with a link to run a WMP file can be excuted. And if the media player is a default player on a system it doesn't need permission to run the file it will automatically execute and be opened. If someone put somthing in a file that media player trusts it could damage a machine tell me if I'm right or far off?
March 28th, 2002, 01:57 PM
freeOn, that's just about right...scary isn't it? Last time I checked, when you check a box to not allow scripting, that's what it should do, prevent scripting. Yet another reason why I use Opera and Winamp/Radlight for my audio/video/email needs. Screw MS. I stand by the statement that I'm glad I have everything on my machine registered and legit...except Windows because MS will never get money from me until they actually live up to just 50% of what their OS is supposed to do. Fsckers.
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
March 28th, 2002, 01:59 PM
March 28th, 2002, 11:10 PM
I think Microsoft is making most of it's money from the less computer-literate, who don't know the history of Microsoft making 'user friendly' things which totally destabilize the security of the computer... Let's make a list.
File Sharing on by default -- Some early versions
Scripting/Macros -- Duh
This current WMA thing
Internet Explorer. Enough said.
Outlook. Enough said.
[HvC]Terr: L33T Technical Proficiency
March 28th, 2002, 11:23 PM
If you going to use Outlook you might as well put up a sign that says "hack me".
Its not software piracy. Iím just making multiple off site backups.
March 29th, 2002, 12:28 AM
Glad that I don't use either of them...I'm a 3rd party software maniac...Winamp, Irfanview, Quicktime...
"entia non sunt multiplicanda praeter necessitatem"
"entities should not be multiplied beyond necessity."