All you people posting in HTML with Outlook... (General Discussion)

Thread

Board Archives

	Bots
	Community
	General Discussion
	Sdk
	Wishlist
	Author Search

Site Features

	Citizens List
	Badges & Achievements
	Events Directory
	News and Articles
	Worlds List
	About Alphaworld
	Search Object Paths

Activeworlds Support

	Download Activeworlds
	Quickstart Tutorial

Historic Archives

	Truespace Archives
	Newsgroup Archives

All you people posting in HTML with Outlook... (General Discussion)

All you people posting in HTML with Outlook... // General Discussion

tony m

Jul 15, 2001, 12:10pm

....
http://www.cnn.com/2001/TECH/internet/07/13/outlook.hole.idg/index.html

Well I have all these updates installed now that are critical updates that I am
frequently notified about and d/l to correct such problems.

Security Update, May 24, 2001 (Internet Explorer 5.5 Service Pack 1)
2129 KB/ Download Time: 12 min
This update resolves several security vulnerabilities in Internet Explorer 5.5
Service Pack 1 (SP1), and is discussed in Microsoft Security Bulletins MS01-015
and MS01-027. It also includes a previously released update, which is discussed
in Microsoft Security Bulletin MS01-020. Download now to eliminate multiple
certificate validation vulnerabilities and to prevent a malicious Web site
operator from running programs on your computer via HTML Help (.chm) files, and
executable e-mail attachments, and to prevent malicious Web site operators from
making it appear that the content from his or her Web site actually originated
from another site, even a trusted or secure Web site. Read this first Already
Installed
Security Update, May 30, 2001
920 KB/ Download Time: 5 min
This update addresses three security vulnerabilities in Windows Media Player
6.4, and is discussed in Microsoft Security Bulletin MS01-029. Download now to
prevent a malicious user from running code of his or her choice, or reading
files on your computer. This update also prevents a privacy vulnerability that
could allow a malicious set of Web site operators to differentiate you from
other Web site visitors using profiling. Read this first Already Installed
Security Update, April 2, 2001
124 KB/ Download Time: < 1 min
This update resolves the "Erroneous VeriSign-Issued Digital Certificates Pose
Spoofing Hazard" security vulnerability, and is discussed in Microsoft Security
Bulletin MS01-017. Download now to prevent an unauthorized user from running
code on your computer by digitally signing programs as "Microsoft Corporation".
Read this first Already Installed
Windows Share Level Password Update
209 KB/ Download Time: 1 min
This update resolves the "Windows Share Level Password" vulnerability in Windows
98 and Windows 98 Second Edition. If a computer that is linked to a network has
File and Print Sharing enabled, and has at least one password-protected folder
shared, it may be possible for a user on the network to gain unauthorized access
to the folder. This vulnerability exists because of the way the password feature
of share level access is implemented for computers running Windows 98. A
malicious user can exploit this vulnerability and use a special client utility
to gain access to a share without knowing the entire password, and may be able
to retrieve, modify, or delete any file within that share. Download now to
prevent unauthorized access to files that are shared over a network that uses
share level security. Read this first Already Installed
Security Update, May 19, 2000
192 KB/ Download Time: 1 min
This update resolves the "IP Fragment Reassembly" security vulnerability in
Windows 98 and Windows 98 Second Edition (SE), and is discussed in Microsoft
Security Bulletin MS00-029. Read this first Already Installed
Security Update, March 17, 2000
222 KB/ Download Time: 1 min
This update eliminates the "DOS Device in Path Name" security vulnerability
found in Windows 98 and Windows 98 Second Edition, and is discussed in Microsoft
Security Bulletin MS00-017. Download now to prevent a malicious user from
causing your computer to crash by accessing a file or folder with a path that
contains certain reserved words. Read this first Already Installed
Security Update, January 17, 2000
818 KB/ Download Time: 4 min
This update eliminates the "Malformed RTF Control Word" vulnerability, and is
discussed in Microsoft Security Bulletin MS00-005. Download now to prevent a
malicious user from sending a specially malformed e-mail and crashing your
e-mail service. Read this first Already Installed
Security Update 1, November 29, 1999
196 KB/ Download Time: 1 min
This update eliminates the "Spoofed Route Pointer" and "Fragmented IGMP Packet"
vulnerabilities in Microsoft Windows 98. Download now to prevent a malicious
user from using source routing to obtain network information through your
Windows 98 computer, and to protect your computer's performance when it
encounters fragmented data packets. Read this first Already Installed
Security Update, November 12, 1999
169 KB/ Download Time: < 1 min
This update eliminates the "File Access URL" vulnerability in Windows 95, and is
discussed in Microsoft Security Bulletin MS99-049. Download now to prevent a
malicious user or Web site operator from exploiting the vulnerability to run
arbitrary code or cause your computer to crash. Read this first Already
Installed
Security Update, September 9, 1999
146 KB/ Download Time: < 1 min
This update eliminates a vulnerability in the Telnet client that ships as part
of Windows 98, and is discussed in Microsoft Security Bulletin MS00-033. The
vulnerability can allow a Web site operator to take malicious action on a
visiting user's computer. For example, this Web page could be configured to
create, delete or modify files, reformat the hard drive, or send data to or from
a Web page. Read this first

This is also another update available that I d/led today.

Root Certificates Update
175 KB/ Download Time: 1 min
This item updates the list root certificates on your computer to the latest list
that is accepted by Microsoft as part of the Microsoft Root Certificate Program.
Adding additional root certificates to your computer enables a greater range of
secure Web browsing, secure e-mail, and secure code delivery applications to
work seamlessly. This update includes root certificates from Verisign, Thawte,
and Post.Trust in Ireland. Read this first Already Installed

The chances that I will even go to one of those websites that has the problem
with this bug is about the same chance I have in being killed in a car accident,
or winning the lottery maybe, lol

[View Quote]

kah

Jul 15, 2001, 4:09pm

man, you're NAIVE! do you actually think it will help??? it's made by
Microsoft, it won't help!

KAH

[View Quote]

"chucks party" <Chucks_Party at hotmail.com> wrote in message
news:3b51b838 at server1.Activeworlds.com...
> Well I have all these updates installed now that are critical updates that
I am
> frequently notified about and d/l to correct such problems.
>
> Security Update, May 24, 2001 (Internet Explorer 5.5 Service Pack 1)
> 2129 KB/ Download Time: 12 min
> This update resolves several security vulnerabilities in Internet Explorer
5.5
> Service Pack 1 (SP1), and is discussed in Microsoft Security Bulletins
MS01-015
> and MS01-027. It also includes a previously released update, which is
discussed
> in Microsoft Security Bulletin MS01-020. Download now to eliminate
multiple
> certificate validation vulnerabilities and to prevent a malicious Web site
> operator from running programs on your computer via HTML Help (.chm)
files, and
> executable e-mail attachments, and to prevent malicious Web site operators
from
> making it appear that the content from his or her Web site actually
originated
> from another site, even a trusted or secure Web site. Read this first
Already
> Installed
> Security Update, May 30, 2001
> 920 KB/ Download Time: 5 min
> This update addresses three security vulnerabilities in Windows Media
Player
> 6.4, and is discussed in Microsoft Security Bulletin MS01-029. Download
now to
> prevent a malicious user from running code of his or her choice, or
reading
> files on your computer. This update also prevents a privacy vulnerability
that
> could allow a malicious set of Web site operators to differentiate you
from
> other Web site visitors using profiling. Read this first Already
Installed
> Security Update, April 2, 2001
> 124 KB/ Download Time: < 1 min
> This update resolves the "Erroneous VeriSign-Issued Digital Certificates
Pose
> Spoofing Hazard" security vulnerability, and is discussed in Microsoft
Security
> Bulletin MS01-017. Download now to prevent an unauthorized user from
running
> code on your computer by digitally signing programs as "Microsoft
Corporation".
> Read this first Already Installed
> Windows Share Level Password Update
> 209 KB/ Download Time: 1 min
> This update resolves the "Windows Share Level Password" vulnerability in
Windows
> 98 and Windows 98 Second Edition. If a computer that is linked to a
network has
> File and Print Sharing enabled, and has at least one password-protected
folder
> shared, it may be possible for a user on the network to gain unauthorized
access
> to the folder. This vulnerability exists because of the way the password
feature
> of share level access is implemented for computers running Windows 98. A
> malicious user can exploit this vulnerability and use a special client
utility
> to gain access to a share without knowing the entire password, and may be
able
> to retrieve, modify, or delete any file within that share. Download now to
> prevent unauthorized access to files that are shared over a network that
uses
> share level security. Read this first Already Installed
> Security Update, May 19, 2000
> 192 KB/ Download Time: 1 min
> This update resolves the "IP Fragment Reassembly" security vulnerability
in
> Windows 98 and Windows 98 Second Edition (SE), and is discussed in
Microsoft
> Security Bulletin MS00-029. Read this first Already Installed
> Security Update, March 17, 2000
> 222 KB/ Download Time: 1 min
> This update eliminates the "DOS Device in Path Name" security
vulnerability
> found in Windows 98 and Windows 98 Second Edition, and is discussed in
Microsoft
> Security Bulletin MS00-017. Download now to prevent a malicious user from
> causing your computer to crash by accessing a file or folder with a path
that
> contains certain reserved words. Read this first Already Installed
> Security Update, January 17, 2000
> 818 KB/ Download Time: 4 min
> This update eliminates the "Malformed RTF Control Word" vulnerability, and
is
> discussed in Microsoft Security Bulletin MS00-005. Download now to prevent
a
> malicious user from sending a specially malformed e-mail and crashing your
> e-mail service. Read this first Already Installed
> Security Update 1, November 29, 1999
> 196 KB/ Download Time: 1 min
> This update eliminates the "Spoofed Route Pointer" and "Fragmented IGMP
Packet"
> vulnerabilities in Microsoft Windows 98. Download now to prevent a
malicious
> user from using source routing to obtain network information through your
> Windows 98 computer, and to protect your computer's performance when it
> encounters fragmented data packets. Read this first Already Installed
> Security Update, November 12, 1999
> 169 KB/ Download Time: < 1 min
> This update eliminates the "File Access URL" vulnerability in Windows 95,
and is
> discussed in Microsoft Security Bulletin MS99-049. Download now to prevent
a
> malicious user or Web site operator from exploiting the vulnerability to
run
> arbitrary code or cause your computer to crash. Read this first Already
> Installed
> Security Update, September 9, 1999
> 146 KB/ Download Time: < 1 min
> This update eliminates a vulnerability in the Telnet client that ships as
part
> of Windows 98, and is discussed in Microsoft Security Bulletin MS00-033.
The
> vulnerability can allow a Web site operator to take malicious action on a
> visiting user's computer. For example, this Web page could be configured
to
> create, delete or modify files, reformat the hard drive, or send data to
or from
> a Web page. Read this first
>
>
> This is also another update available that I d/led today.
>
> Root Certificates Update
> 175 KB/ Download Time: 1 min
> This item updates the list root certificates on your computer to the
latest list
> that is accepted by Microsoft as part of the Microsoft Root Certificate
Program.
> Adding additional root certificates to your computer enables a greater
range of
> secure Web browsing, secure e-mail, and secure code delivery applications
to
> work seamlessly. This update includes root certificates from Verisign,
Thawte,
> and Post.Trust in Ireland. Read this first Already Installed
>
>
> The chances that I will even go to one of those websites that has the
problem
> with this bug is about the same chance I have in being killed in a car
accident,
> or winning the lottery maybe, lol
>
>
>
> "tony m" <tony at triton-dynamics.iwarp.com> wrote in message
> news:3b51a44d$1 at server1.Activeworlds.com...
>
>

m a r c u s

Jul 15, 2001, 5:15pm

I see numerous references to email, not newsgroups. I am not playing naive
or think you aren't accurate associating that link with newsgroups, but
please show the direct connection between newsgroups and a security hole.

[View Quote]

kah

Jul 15, 2001, 8:00pm

as an ActiveX developer (I program ActiveX controls) and as a VB programmer
I know some about this:
the article says it's called a view control, to view HTML content in
e-mails. but it's rather general purpose for viewing HTML content in stuff
that's very much like e-mail, like NG posts. so, MS use it for both, and you
can get nasty stuff very easily...

KAH

[View Quote]

Awportals.com · ProLibraries Live · Twitter · LinkedIn