Language Selection

English French German Italian Portuguese Spanish

Hackers probe Outlook Express flaw

Filed under
Microsoft

The risk of an attack related to a flaw in Microsoft Outlook Express climbed this week, after underground hacking sites began circulating sample code for exploiting it.

The exploit, which the French Security Incident Response Team drew attention to on Monday, is designed to take complete control of PCs with certain versions of the Outlook Express e-mail program installed on them, when users visit newsgroups controlled by the hackers.

But security experts said the risk of a widespread attack is low, because people must visit the malicious newsgroups for an attack to work. In addition, the exploit code that's in circulation has some glitches, said Michael Sutton, a lab director at security company iDefense.

It requires a reasonable amount of user intervention, which lowers the overall risk," Sutton said.

Nonetheless, iDefense urges people with vulnerable machines to install the patch Microsoft released last week to fix the flaw. The problem stems from a component of Outlook's newsreader program called Network News Transfer Protocol. The result of an attack could be serious.

"An attacker could install programs; view, change or delete data; or create new accounts with full user rights," Microsoft warned in a security bulletin for the patch last week. The company rated the vulnerability "important," which falls second to "critical" in its rating scale.

A Microsoft representative said the company is aware of the exploit code but is unaware of active attacks that have utilized it. Microsoft is monitoring the situation and is urging customers to apply its patch, the representative said. The company also directed people to report any attacks to Microsoft and the FBI.

The vulnerability has been found in several versions of Outlook Express, including releases 5.5 and 6.0 for Windows 2000, XP and Server 2003 machines, according to Microsoft. People don't have to launch the Outlook Express program, however, in order to fall victim to an attack.

Source.

More in Tux Machines

Qt Creator 4.1 Brings Editor Improvements, Better CMake Support, and New Themes

A new stable version of the cross-platform and open-source Qt Creator IDE (Integrated Development Environment) software has been released recently for all supported platforms, including GNU/Linux, Mac OS X, and Microsoft Windows. Read more

Linux and Graphics

Security News

  • Hacking the American College Application Process
    In recent years, foreign students have streamed into American universities, their numbers nearly doubling in the last decade. About half of all international students are coming from Asian countries, many of which have been subject to heavy recruitment from American colleges. Taking advantage of the popularity of an American education, a new industry has sprung up in East Asia, focused on guiding students through the U.S. college application process with SAT preparation courses, English tutors and college essay advisors. But not all college prep companies are playing by the rules. In their investigative series for Reuters, a team of reporters found that foreign companies are increasingly helping students game the U.S. college application process. Some companies have leaked questions from college entrance exams to their students before they take the test. Others have gone so far as to ghostwrite entire college applications and complete coursework for students when they arrive on campus. We spoke with Steve Stecklow, one of the reporters on the team, about what they uncovered.
  • illusive networks' Deceptions Everywhere
    illusive networks' bread and butter is its deception cybersecurity technology called Deceptions Everywhere whose approach is to neutralize targeted attacks and Advanced Persistent Threats by creating a deceptive layer across the entire network. By providing an endless source of false information, illusive networks disrupts and detects attacks with real-time forensics and without disruption to business.
  • Mozila Offers Free Security Scanning Service: Observatory
    With an eye toward helpiing administrators protect their websites and user communities, Mozilla has developed an online scanner that can check if web servers have optimal security settings in place. It's called Observatory and was initially built for in-house use, but it may very well be a difference maker for you. "Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and securely," the company reports.