Language Selection

English French German Italian Portuguese Spanish

Hackers probe Outlook Express flaw

Filed under
Microsoft

The risk of an attack related to a flaw in Microsoft Outlook Express climbed this week, after underground hacking sites began circulating sample code for exploiting it.

The exploit, which the French Security Incident Response Team drew attention to on Monday, is designed to take complete control of PCs with certain versions of the Outlook Express e-mail program installed on them, when users visit newsgroups controlled by the hackers.

But security experts said the risk of a widespread attack is low, because people must visit the malicious newsgroups for an attack to work. In addition, the exploit code that's in circulation has some glitches, said Michael Sutton, a lab director at security company iDefense.

It requires a reasonable amount of user intervention, which lowers the overall risk," Sutton said.

Nonetheless, iDefense urges people with vulnerable machines to install the patch Microsoft released last week to fix the flaw. The problem stems from a component of Outlook's newsreader program called Network News Transfer Protocol. The result of an attack could be serious.

"An attacker could install programs; view, change or delete data; or create new accounts with full user rights," Microsoft warned in a security bulletin for the patch last week. The company rated the vulnerability "important," which falls second to "critical" in its rating scale.

A Microsoft representative said the company is aware of the exploit code but is unaware of active attacks that have utilized it. Microsoft is monitoring the situation and is urging customers to apply its patch, the representative said. The company also directed people to report any attacks to Microsoft and the FBI.

The vulnerability has been found in several versions of Outlook Express, including releases 5.5 and 6.0 for Windows 2000, XP and Server 2003 machines, according to Microsoft. People don't have to launch the Outlook Express program, however, in order to fall victim to an attack.

Source.

More in Tux Machines

Meet UDOO X86, a Maker Board That's 10 Times More Powerful Than Raspberry Pi 3

Today we would like to introduce our readers to an upcoming maker board that features some very powerful components and aims to overpower every SBC (single-board computer) in its path. Read more

Watch: Ubuntu Convergence in Action on Meizu PRO 5 Ubuntu Edition with Miracast

Earlier today, May 23, 2016, the Ubuntu Community Manager at Canonical, Mr. Alan Pope, received his Meizu PRO 5 Ubuntu Edition smartphone, so he immediately ran some tests to see the Ubuntu convergence with his own eyes. Read more

Leftovers: Software

  • Roundcube Webmail 1.2.0 released
    We proudly announce the stable version 1.2.0 of Roundcube Webmail which is now available for download. It introduces new features since version 1.1 covering security and PGP encryption topics...
  • Roundcube Webmail 1.2 Adds PGP Encryption
    For those using the open-source Roundcube software for your webmail needs, Roundcube 1.2 is now available as the latest stable version.
  • Systemd 230 Opens Up A New Graphics Vulnerability & FBDEV Still Should Die
    A change made in the recent release of systemd 230 makes it easy for rogue user processes to be able to spy on your desktop, assuming a few conditions are met. If you are using FBDEV, such as with Wayland's Weston FBDEV back-end, other user processes can now read from the frame-buffer device. The change in systemd is, "Framebuffer devices (/dev/fb*) and 3D printers and scanners (devices tagged with ID_MAKER_TOOL) are now tagged with 'uaccess' and are available to logged in users."
  • systemd 230 Launches with DNSSEC Enabled by Default in systemd-resolved, More
  • 7 Best Command Line Navigation Tools
    The desktop environment with its bundle of programs sharing a common graphical user interface (GUI) remains a firm favorite with users. Not surprising really given that a good desktop environment makes computing fun and simple. The graphical desktop environment has become so ingrained in almost everyone's computer activities that it might seem the command line will wither away. Yet, there is still an important role to play for the humble command-line interface (CLI).
  • GNU Parallel 20160522 ('TTIPleaks') released
    GNU Parallel 20160522 ('TTIPleaks') has been released.

today's howtos