While MS-bashing is often too easy, this statement about recent security holes seemed especially astounding: "Outlook Express ships with every Windows system, or rather as part of IE, so it's on every system. But unless it is configured to receive mail, you are not at risk," said Scott Culp, manager for Microsoft security response. Interesting. Unless it is configured to receive mail, like, you know, an email program.
posted by judith on Oct 11, 2002 - 30 comments

Using Internet Explorer, Outlook, or Outlook Express on a PC? There's a new hack in town, ready to exploit cross site scripts like nobody's business. Do yourself a favor and disarm ActiveX on your settings.
posted by mathowie on Jul 12, 2002 - 6 comments

The Twenty Most Critical Internet Security Vulnerabilities
This is a list of Internet security tips that SAMS and the FBI updated yesterday. The list is really aimed at IT professionals and does not offer much advice to the home user. My advise for any home user who is worried about viruses and security: 1. Don't use Windows OS, any Windows OS (try Linux or Mac) 2. Remove Outlook from your computer. 3. Don't open e-mail attachments you did not ask for.
posted by DragonBoy on Oct 2, 2001 - 10 comments

Yet another outlook vulnerability. This one's significantly nastier than the previous ones, because it can attack and run programs on your computer as you download the email from your server
More >>
posted by cCranium on Jul 19, 2000 - 12 comments

[ Damn, it's busy this morning... ]
"Outlook is perfectly safe... perfectly safe; that's why we're fixing it."
posted by baylink on May 16, 2000 - 4 comments

From Microsoft support: General Information About Using VBScript with Outlook

VBScript is designed to be a secure programming environment. It lacks various commands that can be potentially damaging if used in a malicious manner. This added security is critical in enterprise solutions.

(via Phil Agre's RRE mailing list)
posted by tregoweth on May 14, 2000 - 0 comments