Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Microsoft Security Advisory (935423) Vulnerability in Window
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
dinput.dll »
« Pimp my Tinfoil hat  
AuthorAll Replies


EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
·Callcentric
·RoadRunner Cable
·AT&T CallVantage

reply to Mele20
Microsoft has its priorities well placed ...

said by Mele20 See Profile :

I have always read my incoming email in OE in Plain Text. That has been excellent protection until this. Alexander Sotirov from Determina recommends reading ALL MAIL with Telnet. That is sure going to be fun.
I use a really old version of Mailwasher (2.0.28 beta) to screen, preview and scrub junk while it's on my ISP's POP server. It's been quite effective and requires minimal effort.

What really gripes me is that Microsoft has not issued a fix for this, but I just saw the second non-patch Tuesday WGA update notification. MS didn't wait for patch Tuesday to issue these "high priority updates".

[sarcasm]
But I'm sure that WGA updates must be a more meaningful priority for users than these insignificant little security holes. But at least I know if my systems become infected, they'll be using "genuine copies" of a vulnerable OS.
[/sarcasm]
--
03:14:07 UTC Tuesday, Jan. 19, 2038 - a date that will live in infamy...
to forum · permalink · · 2007-03-31 23:41:13 · Reply to this


AB
Premium
join:2006-04-04
Leesburg, VA

reply to Mele20
Re: Microsoft Security Advisory (935423) Vulnerability in Window

said by Mele20 See Profile :

Whoa! This is nasty! There is NO WAY to protect yourself if you use Outlook Express (even if you use IE7)
Don't use an animated cursor?
to forum · permalink · · 2007-03-30 15:34:50 · Reply to this

Mele20
Premium
join:2001-06-05
Hilo, HI

reply to NICK ADSL UK
Whoa! This is nasty! There is NO WAY to protect yourself if you use Outlook Express (even if you use IE7) and even Windows Vista Mail is somewhat vulnerable. From Microsoft Security Advisory (935423):

"Caveat: Reading e-mail in plain text on Windows Vista Mail does not mitigate attempts to exploit the vulnerability when Forwarding and Replying to mail sent by an attacker.

Note: Reading e-mail in plain text on Outlook Express does not mitigate attempts to exploit this vulnerability."

I have always read all email in OE in Plain Text. That has been excellent protection until this. Alexander Sotirov from Determina recommends reading ALL MAIL with Telnet. That is sure going to be fun.
--
"If you want to do DRM on a PC then you need to treat the user as the enemy." Ross Anderson in "`Trusted Computing' Frequently Asked Questions"

»www.msfirefox.com/
to forum · permalink · · 2007-03-30 06:24:40 · Reply to this
Forums » Up and Running » Security » Securitydinput.dll »
« Pimp my Tinfoil hat  

Friday, 04-Dec 11:42:45 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.republican-creole
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [144] Avast Antivirus Has Gone Mad
· [110] Comcast Makes NBC Universal Acquisition Official
· [104] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [95] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [81] Latest Consumer Reports Survey Not Kind To AT&T
· [72] Sprint Defuses GPS Privacy Media Bomb
· [71] FCC Ponders Moving From PSTN To IP Voice
· [70] Baltimore To Ban Lazy Cable Installs
· [64] Broadband Killed The Game Console
Most people now reading
· False positive in Avast! or is it real? [Security]
· Google takes aim at browser redirection [Security]
· [WotLK] Doing away w/ conquest? [World of Warcraft]
· IMG 1.7 (IMG Updates and Discussion) [Verizon FIOS TV]
· Connecting to Google Voice Via SIP [VOIP Tech Chat]
· Windows 7 boot manager editing questions [Microsoft Help]
· [DNS] Google's public DNS... performance increases? [Comcast HSI]
· [Rant] Disrespect of PTO [Rants, Raves, and Praise]
· [Rant] called out sick! [Rants, Raves, and Praise]
· Linux is terrorist - according to MS... [All Things Unix]