Archived posting to the Leica Users Group, 2000/07/19

[Author Prev] [Author Next] [Thread Prev] [Thread Next] [Author Index] [Topic Index] [Home] [Search]

Subject: Re: [Leica] virus warning
From: George Lottermoser <imagist@concentric.net>
Date: Wed, 19 Jul 2000 22:14:13 -0500

For a view that does not come from MS.
** Dangerous New Microsoft Cracking Threat

The System Administration, Networking, and Security (SANS)
Institute on 
Monday identified what it called "probably the most dangerous
programming error" found in any workstation running Windows 95,
98, 
2000, and NT 4.0.

A security alert issued by the cooperative research and education
group 
states that users are vulnerable to a total compromise when they 
preview or read an infected E-mail--without having to open any 
attachment--if they're running any of the affected operating
systems 
and have Microsoft Access 97 or 2000, Internet Explorer 4.0 or
higher, 
including version 5.5 that ships with Windows 2000.

According to the institute, the exploit was first discovered June
27, 
but Microsoft requested that SANS not release the details of the 
vulnerability until the company developed a fix. Microsoft posted
a 
workaround on July 14 that is available at www.sans.org. Users
running 
systems with Outlook, Outlook Express, Eudora, or any mail reader
that 
uses Internet Explorer to render HTML documents are also
vulnerable to 
this exploit through E-mail.

According to the SANS advisory, a hacker could get into Microsoft 
Access using ActiveX controls without the victim knowing that
it's 
happening. "This is a very serious problem," says Forrester
Research 
analyst Frank Prince. "Anyone with Visual Basic knowledge could 
potentially send an E-mail -- that doesn't have to be opened--and
give 
the hacker complete access to the user's system."

Prince says he agrees with SANS's decision not to publicize the 
vulnerability until a patch was available. "The bar is so low for
this 
exploit, and the potential for damage so high, a lot of people
with 
Visual Basic knowledge would jump on the Internet to see what
they 
could do. I'll bet a lot are doing just that right now," he says.
For a 
complete workaround for the security flaw, visit 
http://www.sans.org/newlook/resources/win_flaw.htm. --George V.
Hulme
====== End Forwarded Message ======

George

Replies: Reply from "Dan Post" <dpost@triad.rr.com> (Re: [Leica] virus warning)