From; Panda Oxygen3: "Every man is the son of his own works." Miguel de Cervantes Saavedra (1547-1616). Spanish writer - Address spoofing in various Microsoft mail clients - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, April 12, 2005 - A vulnerability has been reported in the email clients Microsoft Outlook and Microsoft Outlook Web Access, which could allow an attacker to easily spoof or hide the real address. Microsoft Outlook and Microsoft Outlook Web Access (OWA) are widely-used mail clients in corporate networks. The vulnerability lies in the handling of message headers and allows an attacker to spoof the 'From:' field displayed to the user. In the SMTP header, when the 'From:' field contains multiple addresses separated by commas, Outlook and OWA only display the first address. This flaw can be used to send spam or phishing mails. What's more, it can slip past message filtering rules that could be defined in the corporate server. Microsoft Outlook Express is not affected by this problem. ------------------------------------------------------------ The 5 most frequently detected viruses by Panda ActiveScan, Panda Software's free online scanner: 1)Mhtredir.gen; 2)Netsky.P; 3)Shinwow.E; 4)Sdbot.ftp; 5)Downloader.BTH. ------------------------------------------------------------ To contact with Panda Software, please visit: http://www.pandasoftware.com/about/contact/ ------------------------------------------------------------ *********** MIKE"S REPLY SEPARATOR *********** Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe> http://www3.telus.net/mikebike/worm_removal.htm See my Anti-Virus pages http://virusinfo.hackfix.org/index <virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe> A Technical Support Alliance and OWTA Charter Member