[Dshield] block unneeded file ext

Darren Spruell phatbuckett at gmail.com
Thu Aug 16 16:23:43 GMT 2007


On 8/16/07, Rick Leir <rdshield at leirtech.com> wrote:
>
> > Outlook, Outlook Express) the advice is to disable the preview pane
> > and that problem goes away.
> >
> > My question is, does it? I seem to recall that there have been at
> > least a couple of vulnerabilities in client-side parsing libraries
> > that were exploitable even in the case that the preview pane was
> > disabled, or in other words that disabling the preview pane was not an
> > effective workaround for mitigating these vulnerabilities. I think
> > they may have been exposures in VML, GDI, ANI or similar. In this
> > case, the net effect is that without actual user interaction, the
>
> Yes, I do recall such exploits.  Was it .xls or MS database attachments
> that were executed before the user was prompted for confirmation?  There
> were Microsoft patches but not everyone updates their machine.

Thanks, didn't realize this was part of the other thread.

Does anyone know advisory URL(s) for this flaw (or similar ones)?

DS

