Ok, there was some confusion over the past couple days, as there were virus warnings posted on various sites that were conflicting, so here's the deal. There were actually two recent email security warnings for Outlook and Outlook Express, so the 20 people telling Steve he was an idiot yesterday apparently didn't feel like clicking two links into his story. The first security hole is one that affects people that have Microsoft Access installed. Apparently, the security in Internet Explorer is broken for these types of documents and they're actually opened before the "Yes/No" box is actually answered by the user. What's this have to do with email? Well, Outlook and Outlook Express use IE to render their emails. Here's the security advisory, thanks to Blue. The second, more insidious security hole is a simple buffer overrun on the date field in email headers. Basically, if you're running Outlook Express or Outlook in Internet Mail Only mode, this may affect you. It depends on the version of IE you're running _and_ the version of your operating system. Here's the Microsoft security bulletin, thanks to Shack. So I think everyone that sent Steve nasty letters owes him a big fat kiss, huh? Huh?