New Windows Vuln. worse than WMF?
Page 1 of 3 123 LastLast
Results 1 to 10 of 26

Thread: New Windows Vuln. worse than WMF?

  1. #1
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188

    New Windows Vuln. worse than WMF?

    "This one has massive financial implications if someone exploits it," Litchfield said.

    The TNEF vulnerability, which Microsoft spelled out in the MS06-003 security bulletin, is a flaw in how Microsoft's Outlook client and older versions of its Exchange server software decode the TNEF MIME attachment. TNEF is used by Exchange and Outlook when sending and processing messages formatted as Rich Text Format (RTF), one of the formatting choices available to Outlook users.

    "All that's required to exploit this is an e-mail message," said Litchfield. No user interaction is needed to compromise an Exchange 5.0, 5.5, or 2000 server; all that's necessary is to deliver a maliciously-crafted e-mail to the server.
    from: http://www.personaltechpipeline.com/news/175803807

    Looks like MS has more problems on their hands now...
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  2. #2
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188

    New Windows Vuln. worse than WMF?

    "This one has massive financial implications if someone exploits it," Litchfield said.

    The TNEF vulnerability, which Microsoft spelled out in the MS06-003 security bulletin, is a flaw in how Microsoft's Outlook client and older versions of its Exchange server software decode the TNEF MIME attachment. TNEF is used by Exchange and Outlook when sending and processing messages formatted as Rich Text Format (RTF), one of the formatting choices available to Outlook users.

    "All that's required to exploit this is an e-mail message," said Litchfield. No user interaction is needed to compromise an Exchange 5.0, 5.5, or 2000 server; all that's necessary is to deliver a maliciously-crafted e-mail to the server.
    from: http://www.personaltechpipeline.com/news/175803807

    Looks like MS has more problems on their hands now...
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  3. #3
    BIOS Bomber
    Join Date
    Jul 2003
    Location
    Michigan
    Posts
    357
    Name a time and place where they never had problems on their hands.
    "When in doubt, use Brute Force."

    Never argue with an idiot. They'll drag you down to their level, then beat you with experience.

  4. #4
    BIOS Bomber
    Join Date
    Jul 2003
    Location
    Michigan
    Posts
    357
    Name a time and place where they never had problems on their hands.
    "When in doubt, use Brute Force."

    Never argue with an idiot. They'll drag you down to their level, then beat you with experience.

  5. #5
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    When only Commodore 64's existed?

    Connection refused, try again later.

  6. #6
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    When only Commodore 64's existed?

    Connection refused, try again later.

  7. #7
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    Originally posted here by mandraketux
    Name a time and place where they never had problems on their hands.
    *L* Very true
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  8. #8
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    Originally posted here by mandraketux
    Name a time and place where they never had problems on their hands.
    *L* Very true
    \"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"

    -HST

  9. #9
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    FYI,

    I already posted this info on the 10th of Jan.

    http://www.antionline.com/showthread...hreadid=273115

    cheers
    Connection refused, try again later.

  10. #10
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    FYI,

    I already posted this info on the 10th of Jan.

    http://www.antionline.com/showthread...hreadid=273115

    cheers
    Connection refused, try again later.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •