E-mail exposed to hackers

E-mail exposed to hackers

Sendmail used to send messages between computer networks

As much as three-quarters of all e-mails could be at risk from malicious hackers.

The hackers could exploit a critical security flaw in the most popular program used to send messages between computer networks.

The hole does not directly affect personal computers but could expose e-mail and information sent over the internet using Sendmail software, said the security firm Internet Security Systems.

The problem affects all versions of the software and Sendmail is urging all users to download a fix for the flaw from its website.

Critical hole

This vulnerability is likely to draw significant attention from the intruder community, so the probability of a public exploit is high

Computer Emergency Response Team

Sendmail is the most popular e-mail server software, estimated to handle between 50% and 75% of all internet e-mail traffic.

The problem was discovered by researchers at ISS. They found that a hacker could send a specially formatted message, take control of a mail server running Sendmail and then run a malicious program.

ISS said the flaw was especially dangerous because an attacker did not need any specific knowledge of the target and could exploit the hole via an e-mail message.

However there is no evidence that hackers have taken advantage of the hole.

"We do not believe that this exploit is available to the public," said US net warning agency, the Computer Emergency Response Team (Cert).

"However, this vulnerability is likely to draw significant attention from the intruder community, so the probability of a public exploit is high," it warned.

All commercial versions of Sendmail, as well as some open-source versions from are vulnerable.

Companies are being urged to update their e-mail software by downloading the latest version of the program, which fixes the flaw.