Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Exploit Appears For Outlook Express Vulnerability


  • Please log in to reply
2 replies to this topic

#1 River_Rat

River_Rat

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Oklahoma - USA
  • Local time:04:13 AM

Posted 28 June 2005 - 08:29 AM

Symantec warns that a working exploit has appeared for one of the vulnerabilities Microsoft revealed last week.

Symantec on Friday warned that a working exploit has appeared for one of the vulnerabilities Microsoft revealed last week, making it even more imperative that the patch be deployed.
The vulnerability, dubbed MS05-030 by Microsoft on June 14, relates specifically to Outlook Express, the bare-bones e-mail client packaged with Windows. According to Microsoft, Outlook Express has a bug in its NNTP parsing function that hackers can exploit by creating a news server loaded with malicious code.

Although Microsoft said in its bulletin that users who rely on Outlook Express (OE) as their newsgroup reader are primarily at risk, Symantec noted that because of OE's tight integration with Internet Explorer, past exploits have been able to compromise systems even when OE wasn't actually used on the vulnerable PCs.

Windows 2000, XP, and Server 2003 are affected by this, although Windows XP SP2 is not.

Exploit code for this vulnerability has gone public, Symantec said, and pointed to a French firm, FrSIRT, that had posted the code on its Web site.

If Microsoft's patch cannot be deployed, Symantec recommended that users disable Outlook Express as the news:// URL handler by removing the Windows registry key "HKEY_CLASSES_ROOT\news\shell\open\command" and blocking access to untrusted NNTP servers at the perimeter.


Microsoft Security Bulletin MS05-030
http://www.microsoft.com/technet/security/...n/MS05-030.mspx

BC AdBot (Login to Remove)

 


#2 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:05:13 AM

Posted 29 June 2005 - 06:00 AM

:thumbsup:

Thanks for the tippers River_Rat

Keep 'em coming...
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 River_Rat

River_Rat
  • Topic Starter

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Oklahoma - USA
  • Local time:04:13 AM

Posted 29 June 2005 - 10:20 AM

:thumbsup:

Thanks for the tippers River_Rat

Keep 'em coming...

YW
Seems as 1 issue shows its ugly head there are 3 more hinding in the bushes.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users