Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

eEye spots another gaping hole in Outlook and Explorer

Stick it on the list.

Article comments

Microsoft says it is investigating a new high-risk security flaw affecting Outlook and Internet Explorer, adding to the growing number of serious bugs that have been reported to the vendor but remain unfixed.

eEye Digital Security disclosed the new bug, a buffer-overflow flaw potentially allowing attackers to execute malicious code on a system, last week. The bug affects default installations of Outlook, Outlook Express and Internet Explorer on Windows 2000 and Windows XP with Service Pack 1 installed, although eEye said additional versions of Windows may also be affected.

Microsoft said it is investigating the problem, and may issue a fix in the future. The company said it isn't aware of any exploits using the flaw.

In order to minimise the danger from unpatched bugs, eEye doesn't disclose more than the bare minimum of information on a flaw until it has been patched or the vendor has tested a workaround. However, the number of unpatched high-risk flaws eEye and other vendors have reported to Microsoft products is substantial, with some dating back several months.

Security researchers usually urge vendors to patch flaws within a few weeks of the initial report, arguing that bugs can be detected by potential attackers just as easily as by legitimate researchers.

eEye alone says it has nine bug reports awaiting patches from Microsoft, the oldest of which dates from the end of March. Most are high-risk, affecting software such as Internet Explorer, Outlook and system-level software.

Software from Macromedia and RealNetworks also has a total of three unpatched, high-risk flaws, according to eEye.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *