RE: HTML email "bug", of sorts.

["David LeBlanc" <dleblanc () mindspring com>]

If you're filtering outbound traffic in a corporate environment (something
I'd recommend), it will stop that sort of thing. Additionally, if you're
just a normal dial-up user, you can stop it by opening your connection icon,
choose properties, networking, and make sure "File and Printer Sharing for
Microsoft Networks" is unchecked, as well as "Client for Microsoft
Networks". The first is off by default, the second is enabled by default. If
you are a dial-up user, and not on a home LAN, turning off the Workstation
service will accomplish the same thing. Additionally, a home user can enable
SMB signing, which also defeats the attack. Rolling out SMB signing in a
corporate environment is a bit more complicated.

> -----Original Message-----
> From: thomas.rowe () bankofamerica com

> And if you were running WinNT 4 and that referrer pointed to a server
> advertising a share, NT would send your username and password
> to try to log
> you on without your knowledge. It could be grabbed and sent
> back to your
> machine, logon, and the atttacker would have all rights to
> your machince and
> network that the ID you're using has.
> (as I've mentioned before, MS has known about this hole since
> before SP2)