Search:

Well, not really off-topic. It goes to prove that you *think* your safe from a worm attack because it's quite old, but the little buggers are persistent.

Luckily, there doesn't seem to be a...

We've applied this patch to a lot of systems (3000+) with no ill-effects so far that can be attributed to it.

The odd thing about these worms is that they can flare up again from time-to-time. We...

There's a fairly low-key but worrying bit of malware exploiting this at the moment: http://voices.washingtonpost.com/securityfix/2008/10/data-stealing_trojan_exploitin.html

Don't been fooled into...

To be honest, only a small minority of patches need to be applied to most servers.

For example - there's no real need to patch IE on a file server because you're not going to be surfing for p0rn...

I've had some further thoughts on possible attack vectors for the TNEF flaw on Exchange servers.

Looking back to the Witty Worm again, there was a definite feeling that very many of the vulnerable...

I've had some further thoughts on possible attack vectors for the TNEF flaw on Exchange servers.

Looking back to the Witty Worm again, there was a definite feeling that very many of the vulnerable...

Mmm... the legal situation has been mentioned in a couple of threads.

The law varies widely according to the country you are in, and state-by-state in the US. However, one thing that you need to...

Mmm... the legal situation has been mentioned in a couple of threads.

The law varies widely according to the country you are in, and state-by-state in the US. However, one thing that you need to...

Errr this is a bit long.

Patch report
I applied the TNEF patch to two legacy Exchange 5.5 SP4 servers OK, although one did require a reboot. Definitely time to move from *that* platform though as...

Errr this is a bit long.

Patch report
I applied the TNEF patch to two legacy Exchange 5.5 SP4 servers OK, although one did require a reboot. Definitely time to move from *that* platform though as...

Yes, it's worth looking at the workarounds for each problem too. Sometimes the workarounds are very easy to implement and are often more effective.

Some of it depends on the seriousness of the flaw and the likelihood of it being exploited, versus the inherent risks of applying the patch.

For example, with the WMF patch I manually tried out a...

I hate to think what that might break though. Isn't the .dat file an integral part of an RTF formatted message?

Not one to put off patching though - although you don't need to reboot servers, the...

Urrrggghhh... I've done some poking around and it appears that the SERVER can be infected with the TNEF attack hence the patch - so an update would be required for both. The fact that it appears that...

For the Exchange / RTF / TNEF thing, there's a set of patches for client PCs (Outlook 2000, 2002 and 2003) and a set of patches for Exchange (5.0, 5.5 and 2000).

I've read the bulletin and I'm...

It depends. It's definitely worth taking additional steps if you have a wireless network, but as
HTRegz said it kinda depends on your circumstances. For my home network I take several additonal...

I think we've dodged the bullet on this one.. but I bet you that the WMF handling subsystem is full of holes like this, so I guess the bad guys will keep looking around all the legacy crap with...

I'm in the camp that says that's it not a great product - but it's certainly a LOT better than no firewall at all. It does have an elegant simplicity.. and as has been said, if you go onto the...

Now.. here's something strange. Remember the blocklist that the ISC was recommending..



Well, check out Alexa's movers and shakers (do NOT visit the sites) and look at the sites going down.

...

Windows XP Pro and Windows 2000 Pro applied the patch just fine for me.

Just going to apply the patch now. If I don't get the BSOD then I'll authorise it via our SUS server. If you don't hear from me..,

I've now seen this in action on an infected web page.

Now, I'll post real domains here because I trust you boys and girls to be CAREFUL with this stuff. Use Samspade for Windows or some other...

I ran the checker on a Windows 2000 SP4 PC and it came out as vulnerable. Also, a legacy NT4 box was also flagged as being vulnerable.

On the Windows 2000 issue..

My desktop PC here is Windows 2000 running Outlook 2000. Outlook can render WMF files embedded in an email message just fine - i.e. not as an attachment, as part of the...

A couple more reports on that too:
http://blogs.zdnet.com/Spyware/index.php?p=735
http://www.eweek.com/article2/0,1895,1906915,00.asp

If you cast your mind back to last year, there was a case...