__/ [ Rex Ballard ] on Friday 19 May 2006 23:29 \__
> __/ [ Sinister Midget ] on Friday 19 May 2006 19:48 \__
> > On 2006-05-19, Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> posted
> > something concerning:
> >> E-mail attacks target unpatched Word hole
> >> ,----[ Quote ]
> >>| Symantec warned subscribers to its DeepSight Threat Management Service
> >>| that it had confirmed reports of active exploitation of a hole in
> >>| Microsoft Word 2003. The attacks use Word document attachments in
> >>| e-mail messages to trigger the security hole and run code that
> >>| gives attackers control over vulnerable systems, Symantec said.
> >> `----
> >> No patch yet.
> >> http://news.yahoo.com/s/infoworld/20060519/tc_infoworld/78499
> > "confirmed reports" probably means it's been known for a few days
> > already.
Perhaps Peter Kohlmann has known about the issue for a month, which is why
the black helicopters kidnapped him.
> > Wonder how long it takes the monopoly to fix it. With any luck (for
> > windummies) it won't take half as long as it took them to get a final
> > release of Crashta la VISTA out.
*LOL* Never heard this one before.
I often wonder: with all of these different versions of Windows and so many
listed bugs just 'lying on the pile' awaiting a patch, how can Microsoft
actually create a new operating system? I mean, they are dealing with a
whole trail of faulty versions (of Windows, of Office, of IIS and Exchange
servers). No wonder they found themselves dropping Longhorn in September
2005 after 4 years of development in vain. You can't construct a building's
20th floor is the 19th floor is broken, let alone if the 10th floor is
> Confirmed reports usually means it's been happening for a few weeks.
> Microsoft doesn't allow publication of CERT alerts and vulnerability
> reports until they have a fix.
> Semantic doesn't usually publish vulnerabilities unless they are in the
> final testing phase of a solution (need to find affected victims).
> It usually takes a few hundred reports of successful attacks to make
> sure that the virus is worth the effort to chase it, which usually
> takes a few weeks to build up to that level.
> MS-Office attachments are vulnerable by nature. Tho whole OLE/COM
> infrastructure is designed to let attachments run any code, access any
> file, and do what is necessary to run the necessary "display" functions
> to render it.
My deepest sympathies to those whose security relies on the arrogant people
Roy S. Schestowitz | Microsof(fshore)t Window(ntime)s Vista(gnating)
http://Schestowitz.com | Open Prospects ¦ PGP-Key: 0x74572E8E
6:40am up 22 days 13:37, 11 users, load average: 0.49, 0.62, 0.75
http://iuron.com - knowledge engine, not a search engine