mahiwaga

From the Financial Times:

Earlier this week, Microsoft had classified the latest flaw as "important", one notch below "critical" on its four-level warning system. It said it upgraded the threat to the most serious level after receiving information about a new and more threatening "attack scenario" than the ones it had anticipated before.

Microsoft credited the discovery of the flaw in part to Jouko Pynnonen, an independent Finnish computer consultant. Mr Pynnonen, whose previous discoveries have included a serious flaw in Microsoft's Internet Explorer browser, said it was difficult to judge if the company's products are more vulnerable than those of other software companies because of its large user base, which attracts more attacks.

However, writing in an email, he added: "My feeling is that open source software tends to be more secure because the code is under more scrutiny."

The latest flaw involves Outlook, the email program contained in the widely-used Office suite of PC software applications. According to Microsoft, machines running a version of the software called Outlook 2002 are vulnerable when they are used to visit malicious web sites that that have been set up to exploit the flaw. They can also be compromised if they run HTLM programs that are delivered by email, the company added.

I suggest dropping Outlook entirely and going with something like Mozilla Thunderbird.