ad info

CNN.com
 MAIN PAGE
 WORLD
 ASIANOW
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
 TECHNOLOGY
   computing
   personal technology
   space
 NATURE
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 HEALTH
 STYLE
 IN-DEPTH

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

  CNN WEB SITES:
CNN Websites
 TIME INC. SITES:
 MORE SERVICES:
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines
 pointcast
 pagenet

 DISCUSSION:
 message boards
 chat
 feedback

 SITE GUIDES:
 help
 contents
 search

 FASTER ACCESS:
 europe
 japan

 WEB SERVICES:
Computing

Summer spawns cloud of software bugs

July 29, 1998
Web posted at: 11:25 AM EDT

by Dana Gardner
From...

(IDG) -- Cover up and use the bug spray liberally, as many as five software bugs have bitten Microsoft products and their users in the last few weeks.

The latest pesky outbreak may be a serious Internet e-mail breach that can erase hard drives and has affected not only Microsoft's Outlook and Outlook Express clients, but also Netscape's Communicator and apparently Qualcomm's Eudora clients.

The bug can allow an outsider to deliver a booby-trapped message that could command a PC's hard drive to erase, or other shenanigans. So far, no problems as a result of the bug have been reported, but experts called it a major security issue.

Microsoft on Monday posted a patch for Microsoft Outlook 98 at the URL listed at the bottom of this page.

MORE COMPUTING INTELLIGENCE
  IDG.net home page
  InfoWorld home page
  InfoWorld forums home page
  InfoWorld Internet commerce section
  Get Media Grok and The Industry Standard Intelligencer delivered for free
 Reviews & in-depth info at IDG.net
  IDG.net's personal news page
  Subscribe to IDG.net's free daily newsletter for IT leaders
  Questions about computers? Let IDG.net's editors help you
  Search IDG.net in 12 languages
 News Radio
  PC World News Radio
  Computerworld Minute audio news for managers
     

Netscape users will get a fix in August when Communicator 4.06 arrives, Netscape officials said.

Just two weeks ago, a server-based security breach made scripting information vulnerable on Microsoft's Internet Information Server, part of the popular Windows NT BackOffice family.

That was followed last week by a separate Windows NT bug. The so-called "privilege-elevation attack" enabled by a file posted on the Internet allows non-administrative users to gain access to supposedly secure network resources.

And even Microsoft products that haven't reached the public have recently been held up by bugs. The Exchange Server 5.5 Service Pack 1.0 product was just about ready to download -- so ready that Microsoft announced that it was a done deal -- when it was pulled back to be fixed two weeks ago.

Now, this week, in addition to the Outlook security issue, another messaging-oriented bug that affects Microsoft Exchange 5.x servers has arisen.

Internet Security Systems (ISS) X-Force, an independent test lab, announced late last week that a hacker can disrupt and crash Microsoft Exchange Server 5.x over the network, stopping e-mail and other services, though not losing data.

No customers have been affected by the lapse, said Microsoft, and on Monday the company created a "hot fix" that is available to Exchange customers by calling (425) 635-7000. The fix will also be part of the Exchange Service Pack 1.0 when it arrives in August, Microsoft said.

Microsoft has apparently been working with ISS on the issue for several weeks before the public announcement.

InfoWorld editor-at-large Dana Gardner is based in San Mateo, Calif.

Related stories:
Latest Headlines

Today on CNN

Related IDG.net stories:

Note: Pages will open in a new browser window Related sites:

External sites are not
endorsed by CNN Interactive

SEARCH CNN.com
Enter keyword(s)   go    help

   
 

Back to the top
© 2000 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.