The successor to Outlook Express links seamlessly with its predecessor's dubious reputation in matters of security. Just a few months after its official release, the first significant security problem has been uncovered: under certain circumstances, simply clicking on a link in an email can cause a program to be launched on the local computer.
A hacker going by the pseudonym Kingcope has reported on a security mailing list that this can be achieved by simply embedding a link to a local program in an email. If a directory with the same name as the executable program exists, the program will be executed by Windows Mail when the user clicks on the link without requiring any confirmation. A brief test at heise Security confirmed this. After creating a folder called calc in C:\Windows\System32, clicking on a link to c:/windows/system32/calc? launched the calculator without any further user interaction.
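A mail gateway or client-side filter can flag the pattern the report describes before a user ever clicks. The following is an added example, not code from the report or from heise Security: it scans an HTML mail body for links whose target is the local file system (file: URIs, drive-letter paths, UNC paths) and singles out the "local path followed by a bare ?" shape; the sample body is constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Targets that resolve to the local file system rather than a web server:
# file: URIs, bare drive-letter paths (c:/... or c:\...) and UNC paths.
LOCAL_TARGET = re.compile(r"^(?:file:|[a-z]:[\\/]|\\\\)", re.IGNORECASE)


class _HrefCollector(HTMLParser):
    """Collect the href of every <a> element in an HTML mail body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "a":
            for name, value in attrs:
                if name.lower() == "href" and value:
                    self.hrefs.append(value.strip())


def suspicious_local_links(html_body: str) -> list:
    """Return (href, reason) pairs for links that point at the local machine.

    A trailing '?' with nothing after it is the shape described in the
    report: a local path whose query part is empty.
    """
    collector = _HrefCollector()
    collector.feed(html_body)
    results = []
    for href in collector.hrefs:
        if not LOCAL_TARGET.match(href):
            continue
        reason = "local path with empty query" if href.endswith("?") else "local path"
        results.append((href, reason))
    return results


# Constructed sample body (hypothetical, not taken from the original report).
SAMPLE_BODY = """<html><body>
<p>Invoice attached, see <a href="https://example.invalid/invoice">portal</a>.</p>
<p>Or open it <a href="c:/windows/system32/calc?">here</a>.</p>
<p>Share: <a href="\\\\fileserver\\share\\doc.pdf">doc</a></p>
</body></html>"""

if __name__ == "__main__":
    for href, reason in suspicious_local_links(SAMPLE_BODY):
        print(f"{reason}: {href}")
```

Flagged links can be rewritten to inert text or quarantined for review; ordinary https links pass through untouched.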
Bug found in Windows Mail
Posted on Thursday, Mar 29 2007 @ 08:25 CEST by Thomas De Maesschalck