14 DAY TRIAL // We're all aware of the fact that Microsoft's products have always had a lot of security issues, generally caused by the vulnerabilities that managed to make their way into the source code developed by the engineers from Redmond.
And it seems that, once again, Microsoft doesn't "disappoint" us, because another one of its products is in trouble. According to CNET News, the risk of an attack related to a flaw in Microsoft Outlook Express climbed this week, after underground hacking sites began circulating sample code for exploiting a component of Outlook's newsreader program called Network News Transfer Protocol
This problem has been brought to the users' attention by the French Security Incident Response Team. Thus, according to the team's members, the exploit can be used for acquiring total control over the systems running certain versions of the Outlook Express email client, but only when the users are visiting hacker-controlled newsgroups.
The vulnerability has been discovered in several versions of Outlook Express, including releases 5.5 and 6.0 for Windows 2000, XP and Server 2003 machines. The problem is pretty serious though, because hackers are able to exploit this flaw even if the users don't launch the Outlook Express program.
However, security experts think that the risk of a widespread attack is rather low, because the users would have to visit the hacker's sites in order to suffer an attack, and the possibility of them doing so is rather low.
Microsoft is aware of the existence of this flaw, and, by means of its representatives, has urged the users to apply the patch developed for fixing this bug.