Suggest A Fix PC Support Forums > MS Alert: PGP may not encrypt email

Full Version: MS Alert: PGP may not encrypt email

Suggest A Fix PC Support Forums > Security > Security News and Warnings

73-997563179

Dec 27 2001, 02:14 PM

PGP freeware 7.0.3 plugin for MS Outlook email

A vulnerability was reported in the PGP plug-in for Microsoft Outlook. In a certain situation, a local user's e-mail might not be encrypted when it is expected to be.

It is reported that when a local user presses the Send button in the Message window, PGP selects text FROM ACTIVE WINDOW and passes it to the PGP Engine, where the ciphertext is placed into the ACTIVE WINDOW, replacing the selected text. It is reported that if another window becomes active on the local user's desktop while encryption is being performed, the ciphertext may be placed into that window instead of the original Message window. Then, the PGP plug-in will reportedly send the message.

No solution was available from Microsoft at this time.

Peter Trifonov

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.