[ISN] Eudora Pro Security Alert

From: mea culpa (jerichoat_private)
Date: Fri Aug 07 1998 - 16:26:07 PDT

  • Next message: mea culpa: "[ISN] CPIO Networks to Offer Commercial Support For OpenBSD"

    Forwarded From: Dale Drew <ddrewat_private>
    			Eudora Pro Security Alert 
    You may have read recently that there is potential for unauthorized 
    programs to be run on your system through the use of hostile Java 
    scripts and/or applets. This problem affects users of Eudora Pro 
    Email 4.0 and 4.0.1, as well as Eudora Pro CommCenter 4.0 and 
    4.0.1. Note that Eudora Light users and users of previous versions 
    of Eudora Pro are not susceptible to these Java attacks. 
    QUALCOMM became aware of this problem yesterday and is pleased to 
    offer the following fixes so you will be safe from these types of 
      Download the current Eudora Pro Email version 4.1 Beta software. 
      This version has the safeguards against Java attacks. This upgrade 
      will be available for free to existing Eudora Pro 4.0 users once it 
      is released. http://eudora.qualcomm.com/betas/epro41.html
      If the above is not an option, you can protect yourself by turning 
      off the Microsoft viewer from within Eudora. To do this, follow 
      these steps: 
            1.In Eudora, go to the Tools menu and choose "Options". 
            2.On the left hand side of the options window, select 
               "Viewing Mail" 
            3.On the right hand side of the options window, make sure 
                the box next to "Use Microsoft's viewer" is UNCHECKED. 
            4.Click on "OK" on the bottom of the window. 
               Eudora Pro Email, Eudora Pro CommCenter and Eudora Light 
               are not susceptible to buffer overflow security problem
    QUALCOMM rigorously tested its line of Eudora email software after becoming 
    aware of the buffer overflow security problems recently found in Microsoft 
    and Netscape email programs. QUALCOMM is pleased to announce that its Eudora 
    email products are not susceptible to the types of attacks that can harm the 
    computers of users of these other products. 
    QUALCOMM tested Eudora Pro and Eudora CommCenter versions 4.0, as well as
    Eudora Pro and Eudora Light versions 3.0 on both the Windows and Macintosh
    platforms. In all cases, Eudora does not allow any unauthorized programs to be
    automatically executed on a user's system. 
                     "Success through teamwork"
    Dale Drew                                MCI Telecommunications
    Sr. Manager                                internetMCI Security
    Voice:  703/715-7058                    Internet: ddrewat_private
    Fax:    703/715-7066                MCIMAIL: Dale_Drew/644-3335
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:00:42 PDT