Thursday, January 12, 2006

outlook flaw

The TNEF vulnerability, which Microsoft spelled out in the MS06-003 security bulletin, is a flaw in how Microsoft's Outlook client and older versions of its Exchange server software decode the TNEF MIME attachment. TNEF is used by Exchange and Outlook when sending and processing messages formatted as Rich Text Format (RTF), one of the formatting choices available to Outlook users. Microsoft noted the severity of the bug by tagging it with its highest warning label, "Critical," and by providing a patch for Exchange 5.0 and 5.5, obsolete versions whose support technically ended Dec. 31, 2005. The newest server software, Exchange Server 2003, is immune to the bug, although current editions of Outlook, including Outlook 2003, are not. that to me is one more reason not to use outlook and switch over to a client that is much more secure, thunderbird.


Post a Comment

<< Home