Avyaya – Tech Rants

Driving the Tech BandWagon

Microsoft Outlook Vulnerability

How would it be if you get to know that a remote user can cause unwanted and hazardous code to be executed on the target user’s system. Alarmed?

There is every reason to answer this question with a YES. You are more susceptible to this vulnerability if you are using Microsoft Outlook. This vulnerability had been reported by Greg MacManus of iDefense Labs. Wanna know how this would be happening?

Procedure: A remote user can create a specially crafted mailto URL that, when loaded by the target user, will trigger an input validation flaw and execute unwanted code on the target system. The code when executed, will run with the privileges of the target user.

Solution: Microsoft has come out with specific fixes which are free to download:

Outlook 2000 Service Pack 3: Get it here

Outlook 2002 Service Pack 3: Get it here

Outlook 2003 Service Pack 2: Get it here

Outlook 2003 Service Pack 3: Get it here

Outlook 2007: Get it here

A restart is not required.

Have a look at the Microsoft Advisary.

For more related articles: Security Tracker

March 12, 2008 - Posted by avyaya | Computers, Education, Entertainment, Programming, Security, Software, Technology, internet | , , , , , | 2 Comments

2 Comments »

  1. [...] which would remove the messenger from the tray as a whole. I do not emphasize this as another Microsoft Vulnerability, but, it is, as the end-user is the one being harassed(read as [...]

    Pingback by Remove MSN Messenger Tray Icon in XP « Avyaya - Tech Rants | March 14, 2008 | Reply

  2. [...] which would remove the messenger from the tray as a whole. I do not emphasize this as another Microsoft Vulnerability, but, it is, as the end-user is the one being harassed(read as [...]

    Pingback by How To Remove MSN Messenger Tray Icon | Nirvana's Query | June 28, 2008 | Reply


Leave a comment

« Previous | Next »