VCard security hole leaves Outlook users exposed

Buffer overflow vulnerability could let hackers take control of a PC running Microsoft Outlook 2000

Computer security experts have issued warnings about a vulnerability affecting Microsoft's Outlook 2000 email client that could allow a hacker to take control of a user's machine.

The vulnerability lies with Outlook's compatibility with vCards (Virtual Cards) -- a special type of file that makes it possible for different email and organiser programs to share contact details.

A malicious computer hacker could create a vCards attachment capable of tricking Outlook or Outlook Express into running any code on a targeted Windows 95, 98, NT or 2000 machine when opened by the recipient. The vulnerability is known as a buffer overflow, because it allows code to execute outside the program's normal perimeters. If the buffer is overrun with random data it causes the application to crash. However, if it is overrun with specially designed code it could allow a third party to take control of a computer system.

Microsoft has issued its own warning concerning the vulnerability and admits that it poses a significant threat to users. The software corporation advises those running Outlook or Outlook Express to apply a specially-created security patch to stop the danger.

Hackers have in the past made use of similar software bugs to create more virulent computer viruses and worms. The Bubbleboy virus and the Kak worm made use of the same vulnerability in Outlook to attack computer systems and spread themselves.

Eric Chien, chief researcher at Symantec's Antivirus Research Centre (SARC) in Europe, said virus writers rarely use buffer overflow exploits. He suggested that a greater risk may be posed by malicious computer hackers looking for a way to target a specific computer network.

"Potentially someone could [use this exploit to] hack a computer," said Chien. "They could drop a Trojan, get inside a firewall and do whatever they want."

Other security experts agreed that the security hole poses a danger to companies and said it highlights the risk of executing unsolicited email attachments.

"Any vulnerability in commonly attached file types exposes corporations to great risk because these problems are often used as the opportunity for the malicious delivery of highly destructive and virulent mail worms," said Royal Hansen, European practice director for security firm @stake. "Again, this is a good example of why corporations must develop security policies that do not trust any attachment from any unknown source even if the type of attachment is considered safe by individual users."

Take me to Hackers

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read what others have said.