Security Incidents mailing list archives
Re: IE/WMP Exploit
From: Axel Pettinger <api () epost de>
Date: Wed, 16 Jun 2004 14:38:29 +0200
Carlos Kramer wrote:
Axel Pettinger wrote: Out of curiosity ... Is MS04-013 installed on your machine? What you've seen looks like the Adodb.Stream and ms-its problem.No KB837009 isn't installed. I normally remove Outlook Express and do not use it - so I'd assumed this patch wasn't required - silly me I should have read MS04-013 closer:-
I doubt that you're the only one thinking that way. If one doesn't use Outlook Express and didn't install it the last time IE was "upgraded" then the patch cannot be installed. (One has to do it manually or reinstall OE.) I'm not even sure whether the "Windows Update" page will report the patch as missing at all in such cases. And that although there're a few of OE's DLLs in the %windir%\system32 directory and often enough also the old OE directory still exists. Users think that they "fully patched" but they are not and still vulnerable ... :/
What systems are primarily at risk from the vulnerability? By default, Outlook Express is installed on all supported Windows systems. Microsoft recommends that this update be installed immediately on all systems. At least this explains why some of my VPN users have been able to get junkware/spyware on their systems when they aren't using our internal http proxy (which filters this cruft). Thanks.
No problem. Regards, Axel Pettinger --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership. Download your free trial at http://www.securityfocus.com/sponsor/Astaro_incidents_040614 ----------------------------------------------------------------------------
Current thread:
- IE/WMP Exploit Carlos Kramer (Jun 15)
- Re: IE/WMP Exploit Axel Pettinger (Jun 15)
- <Possible follow-ups>
- Re: IE/WMP Exploit caldcv (Jun 15)
- Re: IE/WMP Exploit Axel Pettinger (Jun 16)
- Re: IE/WMP Exploit Carlos Kramer (Jun 16)
- Re: IE/WMP Exploit Axel Pettinger (Jun 16)