Vista's Windows Mail vulnerable to file execution attack
A design error in Microsoft's Windows Mail, the e-mail application bundled into Windows Vista, could expose users to remote file execution attacks, according to a warning from security researchers.
A hacker known as "Kingcope" published proof-of-concept code to show that remote code execution is possible if a user is tricked into clicking a malicious link.
The error is that Windows Mail will execute any executable file if a folder exists with the same name. » Vista’s Windows Mail vulnerable to file-execution attack | Zero Day | ZDNet.com
Back to: PC Security, privacy news