Apparently, this is just another example where M$ ignored reports of the security vulnerability for years, and now everyone else has to pay. Lloyd's of London is estimating the cost at $8,000,000,000 and rising. There's a report of another security hole that Netscape fixed years ago, but still exists in Outlook: http://news.cnet.com/news/0-1005-200-1820959.html Are any of our bigger ISPs willing to initiate a class action to recover the costs? Dean Robb wrote:
At 06:56 PM 5/4/00 -0400, David Charlap wrote:
One of them (I think Outlook) can also auto-launch attachments when the message is selected (and displayed in the preview window) and not even opened. This is a _BIG_ security hole that Microsoft has not fixed, despite other virusses (like Melissa) which have already taken advantage of it.
There are instructions for disabling ActiveScripting in Outlook on the MS website. It's enabled by default. That'll stop the attachements from being auto-executed. Remember, according to their TV ads, MS exists to help the consumer!
WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32