Outlook Express and Windows Mail NNTP Memory Corruption Vulnerability

Discussion in 'Computer Support' started by Leythos, Oct 10, 2007.

  1. Leythos

    Leythos Guest

    MS07-056 : Outlook Express and Windows Mail NNTP Memory Corruption

    Windows ships with either the Outlook Express (OE) or the Windows Mail
    (WM) email client to allow you to download and read your email.
    According to Microsoft, both these email clients suffer from a memory
    corruption vulnerability involving the way they handle the Network News
    Transfer Protocol (NNTP) . By enticing one of your users to a specially
    designed web page containing NNTP content, an attacker could exploit
    this vulnerability to execute code on that user's computer with that
    user's privileges. Since typical Windows users have local administrative
    privileges, attackers can usually exploit this flaw to gain complete
    control of Windows machines.
    Microsoft rating: Critical.

    Leythos - (remove 999 to email me)

    Fight exposing kids to porn, complain about sites like PCBUTTS1.COM that
    create filth and put it on the web for any kid to see: Just take a look
    at some of the FILTH he's created and put on his website:
    http://forums.speedguide.net/archive/index.php/t-223485.html all exposed
    to children (the link I've include does not directly display his filth).
    You can find the same information by googling for 'PCBUTTS1' and
    'exposed to kids'.
    Leythos, Oct 10, 2007
    1. Advertisements

  2. Leythos

    chuckcar Guest

    Is that microsoft's buzzword for mime? god knows they don't do yEnc.

    an attacker could exploit
    Yet another result of "added capability" not doubt.
    chuckcar, Oct 10, 2007
    1. Advertisements

  3. Leythos

    Meat Plow Guest

    Wow that sucks for Windoze users.
    Meat Plow, Oct 10, 2007
  4. Leythos

    Pennywise Guest

    Pennywise, Oct 10, 2007
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.