Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

How safe is the "Use Microsoft's viewer" option

76 views

Skip to first unread message

Michael Chen

unread,

Jun 30, 2004, 7:57:39 PM6/30/04

Hi,

Is there any official document detailing the safty of enabling the "Use
Microsoft's viewer" option in Eudora - Tools - Options - Viewing Mail
setting?

With this option enabled, Eudora launch Internet Explorer inside its own
process, and the concern is IE has a lot of powerful yet often unsafe and
flawed features such as JavaScript and ActiveX. These features are
increasingly become the vehicle for attacks mounted by hackers.

Does Eudora blindly use the IE currently installed or does it use IE in a
more safty concious way. If the latter is true, I like to know more detail
on it.

Thanks

--Michael

Message has been deleted

Katrina Knight

unread,

Jul 7, 2004, 4:34:33 PM7/7/04

Michael Chen <mich...@earthlink.net> wrote:
> Is there any official document detailing the safty of enabling the "Use
> Microsoft's viewer" option in Eudora - Tools - Options - Viewing Mail
> setting?

> With this option enabled, Eudora launch Internet Explorer inside its own
> process, and the concern is IE has a lot of powerful yet often unsafe and
> flawed features such as JavaScript and ActiveX. These features are
> increasingly become the vehicle for attacks mounted by hackers.

Eudora doesn't launch IE at all. It makes use of its rendering engine.
That's not the same thing. If you don't want to run executables in
html, then just leave Eudora set to its default of not running them. That
takes care of things like javascript.

> Does Eudora blindly use the IE currently installed or does it use IE in a
> more safty concious way. If the latter is true, I like to know more detail
> on it.

I don't know of any document that details how the MS viewer works. I know
I once came across a description of some of what the developers disabled
when using the MS viewer, but I don't remember where that was. They
disabled a lot of things that they thought could be dangerous. Some of
the newer ones are mentioned in the relnotes.txt file.

In my opinion, using the MS viewer is a mild security problem, not
a major one at this time. Eudora's developers did try to make it safe to
use. On the other hand, considering the number of vulnerabilities
that have been found in IE, wouldn't want to count on the developers
having managed to protect you from all of them. If you are running good,
up-to-date anti-virus software and a good firewall and you observe basic
precautions, I don't think you're likely to have any big problems with it.
I have come across one person who may have gotten a virus from using it.
That was several years ago and she just didn't have enough knowledge to be
able to tell for sure whether that was really what happened or not. I've
never come across anyone who I was sure got infected from using the MS
viewer.

If you really, really want to be safe, turn it off though.

--
Katrina

0 new messages