Bugtraq mailing list archives
Re: Microsoft Security Bulletin MS01-055
From: "Clover Andrew" <aclover () 1value com>
Date: Mon, 12 Nov 2001 16:14:53 +0100
Microsoft Product Security <secnotif () MICROSOFT COM> wrote:

> Mitigating Factors: [...]
> Users who have set Outlook Express to use the "Restricted Sites" Zone are not affected by the HTML mail exploit of this vulnerability

Sorry, but this is not true. Whilst pages in the Restricted Sites zone are barred from using active scripting, there are other ways of redirecting the user to a malicious about: URL. Two I can think of straight away that require no user intervention are:

    <meta http-equiv="refresh" content="1;url=about:...">
    <iframe src="about:...">

Both work on Outlook 2000 with mail content in the Restricted Sites zone.

Since I stated exactly this whilst discussing the previous vulnerability with secure@microsoft, I'm disappointed to see this argument wheeled out again.

--
Andrew Clover
Technical Consultant
1VALUE.com AG
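The two script-free redirection vectors named in this post (a meta refresh and an iframe pointing at an about: URL) can be checked for on the mail-gateway side before a message reaches a client. The scanner below is an added example written for this archive page, not code from the original post or from Microsoft; the HTML mail body it scans is constructed, and "about:blank" stands in for the elided about: target.

```python
import re
from html.parser import HTMLParser


class AboutRedirectScanner(HTMLParser):
    """Flag non-script redirections to about: URLs in an HTML mail body.

    Covers the two vectors from the post: <meta http-equiv="refresh">
    and <iframe src="about:...">. Scripting is deliberately not examined,
    since the Restricted Sites zone already disables it.
    """

    # "url=about:..." inside a refresh content attribute, tolerating
    # whitespace, quotes and mixed case (e.g. "1; URL='about:blank'").
    REFRESH_URL = re.compile(r"url\s*=\s*['\"]?\s*(about:[^'\"\s;]*)", re.I)

    def __init__(self):
        super().__init__()
        self.findings = []  # list of (vector, about-url) tuples

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").strip().lower() == "refresh":
            m = self.REFRESH_URL.search(a.get("content", ""))
            if m:
                self.findings.append(("meta-refresh", m.group(1)))
        elif tag == "iframe":
            src = a.get("src", "").strip()
            if src.lower().startswith("about:"):
                self.findings.append(("iframe", src))


def scan_html_mail(body: str):
    """Return every about: redirection vector found in an HTML mail body."""
    scanner = AboutRedirectScanner()
    scanner.feed(body)
    scanner.close()
    return scanner.findings


# Constructed sample message: one refresh, one about: iframe, one benign iframe.
SAMPLE_MAIL = """<html><body>
<p>Hello</p>
<meta http-equiv="Refresh" content="1; URL=about:blank">
<iframe src="about:blank" width="1" height="1"></iframe>
<iframe src="http://example.invalid/"></iframe>
</body></html>"""

if __name__ == "__main__":
    for vector, url in scan_html_mail(SAMPLE_MAIL):
        print(f"{vector}: {url}")
```

The findings list is what a gateway rule would act on (quarantine or strip the offending tags); a message with neither vector returns an empty list.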