Outlook Express 6.0

A security flaw was reported in Microsoft's Outlook Express 6.00 e-mail client. With the new file attachment security features enabled, a remote user can still deliver a malicious executable attachment by crafting an e-mail message that circumvents those features. A target user may be tricked into executing the attachment even though the security features are enabled.

A remote user can attach a malicious executable file as a Base64-encoded MIME part and reference it from an HTML frame in the message body:

<frameset rows="100%,*">
<frame src="malware.exe">
</frameset>

When this e-mail is received by the target (victim), the user is prompted to choose what to do with the attachment, even if the user has selected the new security option ("Do not allow attachments to be saved or opened that could potentially be a virus").

If the remote user renames the *.exe file to a batch file (*.bat) and sends it inside a nested "message/rfc822" MIME part, the file will be executed when the recipient clicks "Open it". The recipient may be enticed to execute the file if it has an innocuous file name.
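The following Python script is added here as an illustration and is not part of the original report or of any Microsoft or Malware.com code. It constructs a message of the shape described above (an HTML frameset in a nested message/rfc822 part, pointing at a Base64-encoded attachment that has been renamed from .exe to .bat) and then runs a gateway-style check over it that recurses into nested message/rfc822 parts, so the wrapped attachment is not missed the way the client's own filter misses it. The file name "invoice.bat", the addresses and the "MZ" stand-in bytes are all made up for the demonstration.

```python
import os
import re
import email
from email import policy
from email.message import EmailMessage

# Extensions the attachment filter is meant to block; .bat is the one the
# report says slips through once the message is nested.
EXEC_EXTS = {".exe", ".bat", ".cmd", ".com", ".pif", ".scr", ".vbs", ".js"}

# <frame src="..."> / <iframe src="..."> references in an HTML body.
# The \b after "frame" keeps <frameset ...> from matching.
FRAME_SRC = re.compile(r'<i?frame\b[^>]*\bsrc\s*=\s*["\']?([^"\'\s>]+)', re.I)


def build_sample():
    """Constructed sample (not a real captured message): an outer message
    that forwards, as a message/rfc822 part, an inner message whose HTML
    frameset points at a Base64-encoded executable renamed to .bat."""
    inner = EmailMessage()
    inner["From"] = "sender@example.invalid"
    inner["To"] = "recipient@example.invalid"
    inner["Subject"] = "Invoice"
    inner.set_content(
        '<html><frameset rows="100%,*"><frame src="invoice.bat"></frameset></html>',
        subtype="html",
    )
    # Stand-in for a renamed PE file: a real .exe begins with the "MZ" DOS header.
    fake_pe = b"MZ\x90\x00" + b"\x00" * 28
    inner.add_attachment(fake_pe, maintype="application", subtype="octet-stream",
                         filename="invoice.bat")   # bytes are Base64-encoded by default

    outer = EmailMessage()
    outer["From"] = "sender@example.invalid"
    outer["To"] = "recipient@example.invalid"
    outer["Subject"] = "Fwd: Invoice"
    outer.set_content("See the forwarded message.")
    outer.add_attachment(inner)                    # becomes a message/rfc822 part
    return outer.as_bytes()


def scan_message(raw):
    """Return a list of findings for every suspicious part in a raw RFC 822
    message, descending into nested message/rfc822 parts."""
    findings = []
    _scan(email.message_from_bytes(raw, policy=policy.default), 0, findings)
    return findings


def _scan(part, depth, findings):
    ctype = part.get_content_type()
    if ctype == "message/rfc822":
        # The payload is a list holding the embedded message; go one level down.
        for sub in part.get_payload():
            _scan(sub, depth + 1, findings)
        return
    if part.is_multipart():
        for sub in part.iter_parts():
            _scan(sub, depth, findings)
        return

    data = part.get_payload(decode=True) or b""   # undoes Base64 / quoted-printable
    filename = part.get_filename()
    if filename:
        ext = os.path.splitext(filename)[1].lower()
        if ext in EXEC_EXTS:
            findings.append({"rule": "executable-extension", "name": filename, "depth": depth})
        if data.startswith(b"MZ") and ext != ".exe":
            # Content says PE executable, name says otherwise: the rename trick.
            findings.append({"rule": "renamed-pe", "name": filename, "depth": depth})
    if ctype == "text/html":
        charset = part.get_content_charset() or "utf-8"
        for src in FRAME_SRC.findall(data.decode(charset, "replace")):
            if os.path.splitext(src)[1].lower() in EXEC_EXTS:
                findings.append({"rule": "frame-to-executable", "name": src, "depth": depth})


if __name__ == "__main__":
    for finding in scan_message(build_sample()):
        print(finding)
```

Each finding carries the nesting depth; the three hits on the constructed sample all come back at depth 1, which is exactly the level a filter that only inspects top-level attachments never reaches. Checking the decoded bytes for the "MZ" header in addition to the file extension catches the renamed executable even if the sender picks an extension outside the block list.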

There was no solution available at the time of this alert.

Reported by Malware.com