Home » Technology » Computer Security » Computer Security Weekly, August 9, 1999

Computer Security Weekly, August 9, 1999

© Robert Slade

Not much solid information about this one, but we'll give you what we've got. There is a serious security bug in Office 97. The bug involves the Jet 3.51 program, which is a part of the database engine of Access. However, since other programs, especially Excel, use some database functions, Jet exists in copies of Office that do *not* have Access, and the security bug is present. Microsoft is being extremely coy about giving details, so as not to give anyone ideas. To date, no exploits have been reported. Also to date, Microsoft does not have a recommended fix for the problem. If you go looking for information, the problem is described by Microsoft as an "Excel 97 'ODBC Driver' Vulnerability" problem.

While no exploits have been reported, concern seems to focus on Web page content using Excel worksheets. Also noted by one correspondent was the fact that components of Office seem to be "trusted" by Internet Explorer, and the standard warnings about starting new programs may not appear in this case.

---

Auctions and users on eBay are starting to be subject to a "denial of service"-like scam called bid shielding. The scammer will submit a very low bid, then a very high bid to discourage other bids. At the last minute, the high bid will be withdrawn, and the scammer walks away with a bargain.

---

In the early days of the net, lots of sites were on only a part of the time, and lots of links were unreliable. Therefore, most mail transfer agents would act as mail relays. The relay function still exists, but in these days of greater reliability and accessibility relays are generally only used by spammers as a way of hiding their identity. Many users of UNIX workstations have mail servers (as opposed to mail readers) enabled without knowing it, and a recent bug in Microsoft Exchange allowed a lot of relays to be used even if the function was supposed to be turned off.

An entity called IMRSS is scanning the net for open mail relay sites. This is being done supposedly in an attempt to eliminate open relays, and to enable secure sites to eliminate spam from transfer sites. Unfortunately, IMRSS does not appear to be contacting the owners of relay enabled machines. Furthermore, because it's database is openly accessible, it may be becoming a source of information for spammers to use ...

The copyright of the article Computer Security Weekly, August 9, 1999 in Computer Security is owned by . Permission to republish Computer Security Weekly, August 9, 1999 in print or online must be granted by the author in writing.