[ISN] Eudora Pro Security Alert

From: mea culpa (jerichoat_private)
Date: Fri Aug 07 1998 - 16:26:07 PDT

Next message: mea culpa: "[ISN] CPIO Networks to Offer Commercial Support For OpenBSD"

Previous message: mea culpa: "[ISN] ISS Chimes In on Back Orifice"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded From: Dale Drew <ddrewat_private>

From:
http://eudora.qualcomm.com/security.html

			Eudora Pro Security Alert 

You may have read recently that there is potential for unauthorized 
programs to be run on your system through the use of hostile Java 
scripts and/or applets. This problem affects users of Eudora Pro 
Email 4.0 and 4.0.1, as well as Eudora Pro CommCenter 4.0 and 
4.0.1. Note that Eudora Light users and users of previous versions 
of Eudora Pro are not susceptible to these Java attacks. 

QUALCOMM became aware of this problem yesterday and is pleased to 
offer the following fixes so you will be safe from these types of 
attacks. 

  Download the current Eudora Pro Email version 4.1 Beta software. 
  This version has the safeguards against Java attacks. This upgrade 
  will be available for free to existing Eudora Pro 4.0 users once it 
  is released. http://eudora.qualcomm.com/betas/epro41.html

  If the above is not an option, you can protect yourself by turning 
  off the Microsoft viewer from within Eudora. To do this, follow 
  these steps: 

        1.In Eudora, go to the Tools menu and choose "Options". 
        2.On the left hand side of the options window, select 
           "Viewing Mail" 
        3.On the right hand side of the options window, make sure 
            the box next to "Use Microsoft's viewer" is UNCHECKED. 
        4.Click on "OK" on the bottom of the window. 

           Eudora Pro Email, Eudora Pro CommCenter and Eudora Light 
           are not susceptible to buffer overflow security problem

QUALCOMM rigorously tested its line of Eudora email software after becoming 
aware of the buffer overflow security problems recently found in Microsoft 
and Netscape email programs. QUALCOMM is pleased to announce that its Eudora 
email products are not susceptible to the types of attacks that can harm the 
computers of users of these other products. 

QUALCOMM tested Eudora Pro and Eudora CommCenter versions 4.0, as well as
Eudora Pro and Eudora Light versions 3.0 on both the Windows and Macintosh
platforms. In all cases, Eudora does not allow any unauthorized programs to be
automatically executed on a user's system. 

                 "Success through teamwork"
===============================================================
Dale Drew                                MCI Telecommunications
Sr. Manager                                internetMCI Security
                                                    Engineering
Voice:  703/715-7058                    Internet: ddrewat_private
Fax:    703/715-7066                MCIMAIL: Dale_Drew/644-3335

-o-
Subscribe: mail majordomoat_private with "subscribe isn".
Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]

Next message: mea culpa: "[ISN] CPIO Networks to Offer Commercial Support For OpenBSD"
Previous message: mea culpa: "[ISN] ISS Chimes In on Back Orifice"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:42 PDT