:: NORMAN :: Antivirus | Firewall

Proactive IT security

Home

News

Support

Partner

Select country

Select product

News » Press releases » 2000 » Norman releases solution to security flaw in Microsoft‘s e-mail programs

Norman releases solution to security flaw in Microsoft‘s e-mail programs

Add to My Norman Bookmarks

27 July 2000

A security exposure in Microsoft’s popular e-mail programs Outlook and Outlook Express, recently announced by Microsoft and independent security companies, is a potential virus bomb. It may only be a matter of time before virus authors with evil intent exploit the flaw. Norwegian IT-security company Norman ASA has today released a program to close the vulnerability. The program is available for free download from Norman’s web sites.

Due to the security flaw in Microsoft’s e-mail programs, it is possible to write viruses that infect a PC through e-mail even before you open the infected mail. The damage may already be done while you check if any new, incoming messages have arrived, before the message is transferred to your in-box.

This vulnerability makes it possible to grab control of a PC by deliberately overflowing the date field in the message header, i.e. supply a date information that is too long. This can allow the offender to execute any program code of his choice, which opens for planting a malicious virus or Trojan on the computer. There are no limits to what such a program may do. Users who use Microsoft’s e-mail clients Outlook and Outlook Express to receive Internet e-mail are especially vulnerable to this exploit.

”Proof of Concept” source code has already been published through several Internet web sites and it is generally expected that this information quickly may be used with evil intent.

A potential virus bomb

- This is the worst security hole ever described publicly. If a virus is made exploiting this, we may potentially have a virus epidemic of far greater proportions than with ILOVEYOU, says Norman’s Development Manager for virus control, Steinar Wigtil.

- Traditional virus control software may not be sufficient to protect against viruses distributed this way, partly because of the speed with which such an epidemic may spread. Virus control is traditionally reactive – only after a new virus has reached the anti virus industry, are virus control programs updated to protect against the virus. In this case, that may simply be too slow, and a proactive approach is necessary, says Wigtil.

Protection against the vulnerability

Microsoft has released a program patch that closes the vulnerability. This can be freely downloaded from Microsoft’s web site. Norman strongly recommends all users of Outlook and Outlook Express to install this patch as soon as possible.

From earlier experience it is known that not everyone downloads such program corrections.

However, the need to be proactive and protect vulnerable systems fast still stands. Anyone who for any reason cannot or does not want to download Microsoft’s patch, may freely download Norman Date Checker, as a simple, stand alone program which will effectively protect against any software exploiting this vulnerability. Norman Date Checker may be downloaded from: http://www.norman.no/products_ndc.shtml.

For further information, please contact

Norman ASA, Development Manager for virus control Steinar Wigtil, tel +47-67-10-97-29 Norman ASA, Corporate Marketing Manager Bjørn A. Windfeldt, tel +47-67-10-97-76, mobile phone: +47-92-40-06-92

Security Information

>>	The Internet Crime Complaint Center's report for 2007
>>	2007

Security News and Advisories

>>	Three critical updates for Microsoft systems in May 2008
>>	Five critical updates for Microsoft systems in April 2008

Norman is one of the world’s leading companies within the field of data security. With products for antivirus (virus control), personal firewall, antispam and antiadware, the company plays an important role in the data industry.