Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
Top Submit newsSubscribe 
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news list
| Sponsored links | Want to become one of our authors and see your work published on ALLSeek.iNFO ?
| | VLM Vulnerability Extends to Outlook 2003 |
|---|
Categorie: Vulnerability
Posted: 2006-09-26 by ReSiDeNt
Views: 4462
| Current Rating: Not rated
|
| | Details |
|---|
 A vulnerability reported initially by Sunbelt Software Inc. and confirmed by the Redmond Company affects not only Internet Explorer and Outlook 2007, but also Outlook 2003. While - initially - the
critical vulnerability was thought to impact only the browser and Outlook 2007 related to the usage of VLM tags, the 2003 version of the email client also proves to be vulnerable to the Microsoft vector markup language flaw.
The Redmond Company has not issued a patch for this critical vulnerability, although the US software giant has admitted to the existence of exploits and proof-of-concept in the wild. According to Microsoft, a security bulletin addressing the VLM vulnerability is scheduled to be delivered on October 10, 2006, as part of the company's monthly cycle of security updates. However, the Redmond Company has stated that an exception could be triggered by the level of impact of the exploits associated with the VLM vulnerability. Meanwhile, Microsoft has proposed a series of workarounds mitigating the situation.
"Microsoft Office Outlook 2003 provides a new option named the Read all standard mail in plain text option that permits you to view all e-mail messages in plain text format. If you are concerned about the threat of a virus or of some other type of malicious script executing through HTML or through Microsoft Outlook Rich Text Format (RTF), you can use the Read all standard mail in plain text option to prevent Outlook 2003 from rendering those formats. With the Read all standard mail in plain text option turned on, Outlook 2003 displays all standard e-mail messages in plain text format. The Read all standard mail in plain text option is for display purposes only. The original e-mail message is not converted to plain text format," advised Microsoft.
The VlM vulnerability in Outlook 2003 brings on the potential risk of a remote code execution via attacks using embedded machine-language "shellcode" program in the VML tags.
| | Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1684
| | User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
| Previous articleBack to news list
|
|
|
|
InterJOB.su
|
