Bug Alert! Outlook and Outlook Express vCard security hole!

Question

Bug Alert! - Users of Outlook vCards beware!

Answer

This question was answered on February 23, 2001. Much of the information contained herein may have changed since posting.

An alert has been released by Microsoft for anyone using the following e-mail programs:

Microsoft Outlook 98

Microsoft Outlook 2000

Microsoft Outlook Express 5.01

Microsoft Outlook Express 5.5

It seems that a devious person can plant a rogue script in the "vCard" or Virtual Business Card option that is used to send contact information that can be inserted into Outlook and Outlook Express address books As with regular attachments to an e-mail message, this scheme will only work if you click open the vCard that accompanies an e-mail message.

Microsoft has posted a patch for this bug at:

<a href="http://www.microsoft.com/windows/ie/download/critical/q283908/default.asp" target="_blank"><font color="#003399">>http://www.microsoft.com/windows/ie/download/critical/q283908/default.asp</b></font></a>

Get all the technical details of this exploit at:

<a href="http://www.microsoft.com/technet/security/bulletin/MS01-012.asp" target="_blank"><font color="#003399">>http://www.microsoft.com/technet/security/bulletin/MS01-012.asp</b></font></a>

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on February 23, 2001