According to Secunia's chief technology officer Thomas Kristensen, proof-of-concept code demonstrating the Outlook issue has been sent to Microsoft to prove that this is indeed a Windows vulnerability that's caused by a design change in Internet Explorer 7.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.
Adobe has shipped patches for several high-risk security holes affecting its widely used PageMaker, Illustrator and GoLive 9 products.
Microsoft's dominant Internet Explorer browser has undergone a security makeover to correct at least four vulnerabilities that could be used in code execution attacks if a user simply surfs to a maliciously rigged Web page.
In response to public disclosure of a code execution hole affecting default installations of Sun Solaris, the company is recommending users turn off the X font server until a patch is ready.
McAfee today announced plans to shell out $350 million to buy SafeBoot, a deal that strengthens the anti-virus vendor's push into the mobile data security market.
In a pre-patch advisory, Adobe offered a complicated (and unsupported) workaround for its customers and promised a comprehensive fix will be ready before the end of October 2007.
Next Tuesday's batch of security updates from Microsoft will include "critical" patches for worm holes in Windows, Internet Explorer, Office, Outlook Express and Windows Mail.
Sun Microsystems has shipped patches to fix a batch of "highly critical" vulnerabilities in Sun Java JRE (Java Runtime Environment).
Apple has taken another stab at fixing a one-year-old QuickTime vulnerability that exposed Windows XP and Windows Vista to code execution attacks.
Default installations of Sun's free Solaris operating system are sitting ducks for remote code execution attacks.According to an alert from iDefense, the flaw exists in the way Solaris implements the X Font Server (xfs), which is used to handle font rendering on X11 (X Window System).