(IDG) -- Cover up and use the bug spray liberally, as many as five software bugs have bitten Microsoft products and their users in the last few weeks.

The latest pesky outbreak may be a serious Internet e-mail breach that can erase hard drives and has affected not only Microsoft's Outlook and Outlook Express clients, but also Netscape's Communicator and apparently Qualcomm's Eudora clients.

The bug can allow an outsider to deliver a booby-trapped message that could command a PC's hard drive to erase, or other shenanigans. So far, no problems as a result of the bug have been reported, but experts called it a major security issue.

Microsoft on Monday posted a patch for Microsoft Outlook 98 at the URL listed at the bottom of this page.

MORE COMPUTING INTELLIGENCE

IDG.net home page

InfoWorld home page

InfoWorld forums home page

InfoWorld Internet commerce section

Get Media Grok and The Industry Standard Intelligencer delivered for free

Reviews & in-depth info at IDG.net

IDG.net's personal news page

Subscribe to IDG.net's free daily newsletter for IT leaders

Questions about computers? Let IDG.net's editors help you

Search IDG.net in 12 languages

News Radio

PC World News Radio

Computerworld Minute audio news for managers

Netscape users will get a fix in August when Communicator 4.06 arrives, Netscape officials said.

Just two weeks ago, a server-based security breach made scripting information vulnerable on Microsoft's Internet Information Server, part of the popular Windows NT BackOffice family.

That was followed last week by a separate Windows NT bug. The so-called "privilege-elevation attack" enabled by a file posted on the Internet allows non-administrative users to gain access to supposedly secure network resources.

And even Microsoft products that haven't reached the public have recently been held up by bugs. The Exchange Server 5.5 Service Pack 1.0 product was just about ready to download -- so ready that Microsoft announced that it was a done deal -- when it was pulled back to be fixed two weeks ago.

Now, this week, in addition to the Outlook security issue, another messaging-oriented bug that affects Microsoft Exchange 5.x servers has arisen.

Internet Security Systems (ISS) X-Force, an independent test lab, announced late last week that a hacker can disrupt and crash Microsoft Exchange Server 5.x over the network, stopping e-mail and other services, though not losing data.

No customers have been affected by the lapse, said Microsoft, and on Monday the company created a "hot fix" that is available to Exchange customers by calling (425) 635-7000. The fix will also be part of the Exchange Service Pack 1.0 when it arrives in August, Microsoft said.

Microsoft has apparently been working with ISS on the issue for several weeks before the public announcement.

InfoWorld editor-at-large Dana Gardner is based in San Mateo, Calif.