PDA

View Full Version : Another OE bug!!!!



mjc
10-11-2002, 02:38 AM
Well folks, I shouldn't be too suprised with this one, but it just seems a little too convenient that the fix is in the recently released SPs for XP and IE6....


Microsoft Security Bulletin MS02-058
Print Print

Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676)

Originally posted: October 10, 2002
Summary

Who should read this bulletin: Customers using Microsoft® Outlook Express

Impact of vulnerability: Run code of attackers choice.

Maximum Severity Rating: Critical

Recommendation: Customers using Outlook Express should apply the patch

Affected Software:

* Microsoft Outlook Express 6.0
* Microsoft Outlook Express 5.5

Note: Microsoft Outlook is a different product than Microsoft Outlook Express, and is not affected by the vulnerability.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-058.asp

Paul Komski
10-12-2002, 12:38 AM
Recommendation: Customers using Outlook Express should apply the patch
Update Recommendation: Customers using Outlook Express should consider using another mail client. ;)

mjc
10-12-2002, 04:04 AM
During the install, after replacing my motherboard (I did a custom install), I noticed there was an option not to install OE... ***THINKING***...I never use it, so why bother.....so I didn't install it, well it came time to update IE (just to kill the bugs in the version that comes with 98se, and of course the update need to patched too....but that is another story), and guess what, the checkbox to install OE wasn't checked....needless to say I was amazed (oh, yeah custom install on IE too).

So the short of it is I don't need this stinking patch...I don't need any more OE patches........I ain't got the stupid thing anymore!!!!!

And as far as I can tell, nothing bad has happened...altough I did have a tire slashed last weekend.....hmmm

Lucias_Clay
10-14-2002, 07:24 PM
Ok here is my question, have we become patch crazy? I always run to download any patch I hear of but what is the real risk of the average joe(or jane) I know if you don't do the patch and you get hacked you would probably kick your self but what are your real chances?