Eudora Pro Email Security Risk

A security risk has been discovered in QUALCOMM's Eudora Pro Email 4.0 and 4.01 for Windows. This issue is different than the Microsoft's Outlook/Outlook Express and Netscape's Communicator "buffer overflow" problem. Although, to date, no such event has been reported, Symantec's AntiVirus Research Center would like to help you understand the threat and inform you of simple precautions to reduce your risk.

The problem:
A person could attach a malicious program (Trojan Horse or virus-infected program) to an e-mail message and "hide" the trigger as a standard URL link in the e-mail message. The trigger will look like a normal link to a web site, but in reality, run the attached program file.

As the user must intentionally click the trigger to activate the program, the real risk is greatly reduced. Under these circumstances, the danger is in launching the attachment on an unprotected system. This sort of Trojan Horse or virus distribution is easily prevented by installing Norton AntiVirus, using the AutoProtect function and updating virus definitions at least once a month.

A free patch to fix the problem is available for download from the QUALCOMM's web site.