Text 21480, 69 rader
Skriven 2006-09-25 09:34:01 av George Vandervort (1:382/8)
Ärende: MS IE and Outlook VML Bug
=================================
Hello All!



=== Cut ===

http://www.techworld.com/news/index.cfm?newsID=6937&printerfriendly=1

Outlook also exposed to critical VML bug
Microsoft in mad rush to produce fix.
Robert McMillan, IDG News Service

22 September 2006

A critical bug in Internet Explorer browser also affects Outlook 2003, it has
been revealed.

The vulnerability can be triggered when Explorer or Outlook 2003 processes
web-based graphics code written in the Vector Markup Language (VML). It was
first reported Monday by researchers at Sunbelt Software.

Attackers have not yet begun exploiting the email attack, but a handful of
websites now serve the code, and hackers have publicly posted software that
exploits the vulnerability. Experts predict the code will be available on tens
of thousands of websites within just a few days.

Initially, researchers thought that only Explorer was vulnerable to attacks,
but Sunbelt has now concluded that Outlook 2003 users are also at risk. That's
because researchers have discovered a way to execute malicious code without
using scripting code, which would normally be blocked by Outlook. By embedding
a machine-language "shellcode" program in the VML tags, researchers have been
able run unauthorised software on systems running the latest version of Outlook
2003.

This has raised concerns because it means that some victims could have their
PCs compromised with little or no user action. To attack Internet Explorer,
hackers would first need to trick users into visiting a malicious website. But
with an Outlook attack, it becomes much easier to target a victim. "All you
have to do is send an HTML email and the user is hosed," said Eric Sites,
Sunbelt's vice president of research and development.

Researchers at VeriSign's iDefense unit have also confirmed that some
configurations of Outlook will launch the code with no user action, said Ken
Dunham, the director of the iDefense Rapid Response Team. Users who have
Outlook's Reading Pane enabled to read messages in HTML are particularly
vulnerable to this attack, Dunham said. Outlook Express users do not appear to
be at risk, said Sites.

Microsoft is advising users who want to protect themselves to set Outlook to
read email messages in plain text format. Instructions describing how to do
this can be found here. The software giant has put out an advisory on the issue
and is rapidly working toward a fix for the problem.

Sunbelt-Software.com has posted a workaround for the vulnerability.

=== Cut ===

Regards,
George Vandervort
InterNet EMail: georgev@austin.rr.com
Tech Support: http://home.austin.rr.com/llr/spa/

'Using yesterday's software to create tomorrow's problems today'


...Save Canada: When you Visit, take someone with you.

--- FMail/Win32 1.60
 * Origin: Bill Gates does my Windows (FidoNet 1:382/8)