Re: Outlook makes 99% CPU Usage with this message

[JiaQuan Ma <Jiaquan () drexel edu>]

Hi,

I guess you might need to increase your virtual memory for your computer.  I
am currently using Microsoft Outlook with 500 saved messages about 33 MB.
My PC is PIII 800 with 256MB memory.  Anytime I check the next message, it
will delay me about one second.  During this one second, the CPU usage
doesn't go that much, in my case it is from 3% to 13%.  But memory and cache
are changing a lot.  And almost everything froze.  Increasing virtual and
physical memory can
generally make your computer work faster and stable.

The other reason for that is Microsoft products deal with each other mostly.
For instances, if the e-mail has attachment as PDF or doc.  Windows is going
to launch Acrobat and Word on top of itself, which makes more and more
amount of data that the memory has to handle by the same program.

Thank you very much.

Best Regard,

JiaQuan Ma
Sophomore Student
Dept. of Mathematics and Computer Science
Drexel University

----- Original Message -----
From: "Wyatt, Anthony (ITS, Limestone Av)" <Anthony.Wyatt () its csiro au>
To: "'Kayne Ian (Softlab)'" <Ian.Kayne () softlab co uk>; "Vuln-Dev"
<VULN-DEV () securityfocus com>
Sent: Wednesday, August 29, 2001 7:32 PM
Subject: RE: Outlook makes 99% CPU Usage with this message


> Hi All,
> My outlook hung (O2K v9.0.0.4527) W2k sp2 + hotfixes.
>
> When I opened it outlook stoped, in my task manager the memory usage
counter for outlook kept going up (only watched for 1.5 mins) and got to
17M.
> Anthony
>
> > -----Original Message-----
> > From: Alexander Sarras (SEA) [mailto:Alexander.Sarras () sea ericsson se]
> > Sent: Thursday, 30 August 2001 4:27 AM
> > To: 'Kayne Ian (Softlab)'; Vuln-Dev
> > Subject: RE: Outlook makes 99% CPU Usage with this message
> >
> >
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Sorry no probs on O2K SR-1 (v9.0.0.5415) w/ W2K SP2 (v5.0.2195 sp2)
> >
> > SaS
> > - --
> > Dr. Alexander Sarras
> > Product Unit Enterprise Communication Systems
> > Ericsson Enterprise AB
> >
> > Tel:   +43/1/811 00 4668
> > Fax:   +43/1/811 00 11 4668
> > email: Alexander.Sarras () ericsson com
> >
> >
> > > -----Original Message-----
> > > From: Kayne Ian (Softlab) [mailto:Ian.Kayne () softlab co uk]
> > > Sent: Wednesday, August 29, 2001 5:19 PM
> > > To: Vuln-Dev
> > > Subject: Outlook makes 99% CPU Usage with this message
> > >
> > >
> > > Hey all,
> > > This is a strange one. I've been hashing this about for
> > > a while, and
> > > come up with the following. In the attached zip is a message
> > > saved out in
> > > Outlook normal message format. You can open, read, close,
> > > forward etc this
> > > message absolutely fine. But when you try and click reply, it
> > > immediately
> > > sends Outlook to 100% CPU usage, and it doesn't come back. I
> > > have no idea
> > > why, but it seems to be outlook getting confused with the
> > > message body - if
> > > you hex the .msg file you'll see 2 lines of asterixes that
> > > are not displayed
> > > (and no, it's not cause they are white text on white
> > > background, you should
> > > still be able to highlight them, but they just arent there).
> > >
> > > Now, this crashes my Outlook every time. Thats Outlook 2k
> > > v9.0.0.3821 running on Win2k Pro. It's crashed a few other
> > > ppls outlooks,
> > > but strangely on some Outlooks (same version as mine) it has
> > > no effect. I'm
> > > wondering if it's to do with a certain combination of patches
> > > etc installed.
> > >
> > > So, 2 things for you guys. Firstly, do the following:
> > >
> > > 1. Exit outlook
> > > 2. Unzip the .msg file from the zip
> > > 3. Load outlook
> > > 4. Double click the .msg file from explorer or somwhere
> > > 5. Click the Reply button
> > >
> > > It should crash Outlook immediately. The Exit/Load outlook thing is
> > > important.
> > >
> > > Secondly, if that doesn't crash, see if you can see 2
> > > rows of *'s
> > > around the disclaimer. If you save the message as rtf or
> > > plain text, or hex
> > > dump the .msg the asterixes are there. But not when you view
> > > the message in
> > > Outlook. I have no idea of the format of a .msg file, so
> > > maybe someone else
> > > with more experience with this stuff can help?
> > >
> > > Anyway, I can't garantee it will work, and that it's not just my
> > > machines being screwy. But if it does work, and maybe if it's
> > > exploitable,
> > > it's pretty damn nasty. An invisible exploit in a plain
> > > message with no
> > > attachment that only needs a click on Reply to work? Ouch.
> > >
> > > Ian Kayne
> > > Technical Specialist - IT Solutions
> > > Softlab Ltd - A BMW Company
> > >
> > >  <<Test.zip>>
> > >
> > >
> > > ********************************************************************
> > >  This email and any files transmitted with it are confidential and
> > > intended solely for the use of the individual or entity to whom
> > > they are addressed.
> > >
> > > If you are not the intended recipient or the person responsible for
> > >  delivering to the intended recipient, be advised that you
> > > have received
> > > this email in error and that any use of the information
> > > contained within
> > > this email or attachments is strictly prohibited.
> > >
> > > Internet communications are not secure and Softlab does not accept
> > > any legal responsibility for the content of this message. Any
> > > opinions
> > > expressed in the email are those of the individual and not
> > > necessarily
> > > those of the Company.
> > >
> > > If you have received this email in error, or if you are
> > > concerned with
> > > the content of this email please notify the IT helpdesk by
> > > telephone  on +44 (0)121 788 5480.
> > >
> > > ********************************************************************
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGP 7.1
> >
> > iQA/AwUBO400BH/j44UBWb5aEQLjHACg0e9rt+KSg/KpkOCLqBkQSwauiEEAnimB
> > wpoYsOixhkkX8Uuc5gUsn26X
> > =ffEc
> > -----END PGP SIGNATURE-----