[Dshield] ISC; MS06-003

Ed Truitt ed.truitt at etee2k.net
Tue Jan 10 21:58:29 GMT 2006

MS06-003 is a vuln in TNEF processing in Office/Outlook and Exchange (5.x and 2000) which was published today.

-----Original Message-----
From: "Sean Smith" <ssmith at kwqc.com>
Date: Tue, 10 Jan 2006 14:50:08 
To:"General DShield Discussion List" <list at lists.dshield.org>
Subject: [Dshield] ISC; MS06-003

ISC has a new security bulletin they say was released today for Exchange
Server... Exchange is showing needing no updates and I cannot find a
thing regarding MS06-003 at microsoft.com... Anyone have any info on

"The second issue, MS06-003, affects Outlook and Microsoft Exchange and
it also looks fairly serious.  If you can't patch your Exchange servers
immediately, read the "workarounds" section of the bulletin for
information about blocking files that could be triggering this
vulnerability.  It mentions the possibility of blocking email with an
attachment name "Winmail.dat", however this will create other issues.
Read the entire "workarounds" section of the bulletin for the complete

Sean M. Smith
KWQC-TV6 Engineering
SSmith at kwqc.com
(563) 383-7000 ext.7582
"We are secondhand people. We have lived on what we have been told,
either guided by our inclinations, our tendencies, or compelled to
accept by circumstances and environment." - Jiddu Krishnamurti



Confidentiality: This e-mail communication and any attachments thereto
contain information which is confidential and are intended only for the
use of the individuals or entities named above.  If you are not the
intended recipient, you are hereby notified that any disclosure,
copying, distribution or the taking any action in reliance on the
contents of these documents is strictly prohibited and may be illegal.
Please notify us of your receipt of this e-mail in error and delete the
e-mail and any copies of it.

Learn about Intrusion Detection in Depth from the comfort of your own couch:

send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

-E D Truitt

Sent via my BlackBerry from Cingular Wireless

More information about the list mailing list