Language Selection

English French German Italian Portuguese Spanish

Hackers probe Outlook Express flaw

Filed under
Microsoft

The risk of an attack related to a flaw in Microsoft Outlook Express climbed this week, after underground hacking sites began circulating sample code for exploiting it.

The exploit, which the French Security Incident Response Team drew attention to on Monday, is designed to take complete control of PCs with certain versions of the Outlook Express e-mail program installed on them, when users visit newsgroups controlled by the hackers.

But security experts said the risk of a widespread attack is low, because people must visit the malicious newsgroups for an attack to work. In addition, the exploit code that's in circulation has some glitches, said Michael Sutton, a lab director at security company iDefense.

It requires a reasonable amount of user intervention, which lowers the overall risk," Sutton said.

Nonetheless, iDefense urges people with vulnerable machines to install the patch Microsoft released last week to fix the flaw. The problem stems from a component of Outlook's newsreader program called Network News Transfer Protocol. The result of an attack could be serious.

"An attacker could install programs; view, change or delete data; or create new accounts with full user rights," Microsoft warned in a security bulletin for the patch last week. The company rated the vulnerability "important," which falls second to "critical" in its rating scale.

A Microsoft representative said the company is aware of the exploit code but is unaware of active attacks that have utilized it. Microsoft is monitoring the situation and is urging customers to apply its patch, the representative said. The company also directed people to report any attacks to Microsoft and the FBI.

The vulnerability has been found in several versions of Outlook Express, including releases 5.5 and 6.0 for Windows 2000, XP and Server 2003 machines, according to Microsoft. People don't have to launch the Outlook Express program, however, in order to fall victim to an attack.

Source.

More in Tux Machines

Red Hat News

Debian News

  • You Can Now Have All the Debian Live 8.5.0 Editions on a Single ISO Image
    Coming hot on the heels of the Linux AIO Debian Live 7.11.0 release, Linux AIO Debian Live 8.4 is now available for download for all those who want to have a single ISO image with all the essential Debian GNU/Linux 8.5.0 Live CDs. Linux AIO Debian Live 8.5.0 will offer you a bootable, live ISO image that contains the Debian GNU/Linux 8.5.0 Cinnamon, Debian GNU/Linux 8.5.0 KDE, Debian GNU/Linux 8.5.0 GNOME, Debian GNU/Linux 8.5.0 MATE, Debian GNU/Linux 8.5.0 Xfce, and Debian GNU/Linux 8.5.0 LXDE Live editions.
  • DebCamp16 day 1
    Hating jetlag based headache. Disturbed to see the Brexit result. Review wiki RecentChanges. Answer some questions about Launchpad on #debian-mentors. Whitelisted one user in the wiki anti-spam system. Reviewed and sponsored yamllint 1.2.2-1 upload. Noted OFSET repo is broken and updated Freeduc info. Noted the Epidemic-Linux website is having database issues. Noted that Facebook finally completely dropped their RSS feeds, dropped Facebook RSS feed URL generation from the Debian derivatives census scripts and notified the affected derivatives. Cleared up Tanglu hash sum mismatches again. Minor changes to Planet Debian derivatives.
  • DebCamp16 day 2
  • twenty years of free software -- part 5 pristine-tar

Docker News

  • How Salesforce Secures Docker Containers
    Running Docker containers securely as part of a DevOps pipeline is a process that has many steps and requires diligence. That's the message coming from Cem Gurkok, lead information security engineer at Salesforce, in a session at the DockerCon 16 conference here. While containers do represent a somewhat different paradigm for developers, security professionals might have a different view.
  • DockerCon Showcases New Docker Release, Containers-as-a-Service Model
    Docker is one of the most hyped technologies in IT today, as containers have gone mainstream. At the DockerCon 16 event, which was held June 19-21 at the Washington State Convention Center in Seattle, 4,000 people gathered to learn and talk about Docker. Among the news coming out of the event was the release of Docker 1.12, which includes an integrated container orchestration capability referred to as Swarm mode. Docker CEO Ben Golub, meanwhile, said IaaS and PaaS either deliver too little or too much of what an organization needs, so he sees the emerging containers-as-a-service (CaaS) space growing, which is where Docker is aiming to play with its Docker Datacenter technology. Golub also announced a public beta of the Docker Store, which is a curated set of containerized applications that users can obtain, Also debuting was the public beta release of the Docker native application for Windows and Mac, opening up those products from the private beta that was first announced in March. Other public betas announced at DockerCon were Docker for Azure and Docker for AWS public clouds. The general idea with the new public beta releases is to provide more seamless, integrated experiences for users of specific platforms when using Docker. In a keynote at the conference, Docker founder Solomon Hykes claimed most people don't care about containers; they actually just really care about applications. In this slide show, eWEEK takes a look at some of the highlights of the DockerCon 16 conference.
  • Docker Datacenter Launched
  • Why Docker is Like Chicken Nuggets and Waffle Cones
    There is a lot of hype and some confusion in the world of IT today about precisely what Docker is and how it enables the emerging world of micro-services. At the Dockercon 16 conference this week in Seattle, there were many talks explaining Docker capabilities, but it was perhaps the Day 2 keynotes that explained it best with some exemplary metaphors. According to Keith Fulton, CTO at ADP, Docker is a lot like chicken nuggets and waffle cones (though not necessarily eaten together at the same time). ADP, one of the world's largest payroll processing firms, has over 630,000 clients. Fulton noted that ADP does more than just payroll today, and considered itself to be a Human Capital Management (HCM) firm, with services including recruiting and 401K planning.

today's howtos