The security flaw in Outlook Express revealed by Microsoft in their June Security Bulletin, and covered by Aunty here, has taken on a new urgency as certain websites have begun sharing samples of the code required to take advantage of the security flaw.
While the flaw is still considered to be low-risk in terms of the likelihood of exploitation, it is high-risk in terms of how serious the exploitation can be if it does occur, including allowing an attacker to take complete control of the user’s computer.
In order for an attacker to gain access to the user’s computer however, the user must use Outlook Express to read Usenet newsgroups, enabling the Network News Transfer Protocol (NNTP), and further, the user must then visit a Usenet group which contains the malicious code designed to take advantage of the flaw.
Still, because the flaw and associated exploit are potentially so serious, all users with affected systems are being urged by Microsoft to update their systems [Page no longer available – we have linked to the archive.org version instead].
|No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?