All mail sent to any House of Fusion mailing list has its headers rewritten and HTML content removed. This means that you will not receive any emails to the list that can take advantage of the below mentioned security hole. I'm posting this to the list so that all list members using MS IE 5.01 or 5.5 to read their mail can take proper precautions. Thank you and may you be secure.
This vulnerability exists because Internet Explorer does not handle MIME (Multipurpose Internet Mail Extensions) headers in HTML e-mails correctly. If a malicious user sends an affected HTML e-mail or hosts an affected e-mail on a Web site, and a user opens the e-mail or visits the Web site, Internet Explorer automatically runs the executable on the user's computer. If this occurs, the executable can take any action on the computer that the user can take, including adding, changing, or deleting data, communicating with Web sites, or reformatting the hard drive. This update eliminates the vulnerability by correcting the way Internet Explorer handles MIME headers in HTML e-mails, preventing e-mails from automatically launching executable attachments.
http://www.microsoft.com/technet/security/bulletin/MS01-020.asp
Michael Dinowitz Publisher: Fusion Authority weekly news alert (www.fusionauthority.com/alert) Listmaster: CF-Talk, CF-Jobs, Spectra-Talk, Jrun-Talk, etc. (www.houseoffusion.com) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm ------------------------------------------------------------------------------ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/spectra_talk or send a message to spectra-talk-request@houseoffusion.com with 'unsubscribe' in the body.
Spectra-Talk
Michael Dinowitz