Article

Experts fear big implications for Windows flaw

Joan Goodchild, News Writer

Security experts are advising Windows managers to apply the latest Microsoft patches quickly since it affects two of the most widely used Microsoft products: Outlook and Exchange.

The paramount concern is the critical TNEF (Transport Neutral Encapsulation Format) flaw addressed in MS06-003. If a hacker finds a way to take advantage of the weakness, it could impact older versions of Exchange server as well as Outlook.

Next Generation Security Software Ltd, a U.K.-based security consulting firm credited with finding the TNEF exploit, believes it has the potential to be far more devastating than the Microsoft Windows Meta File (WMF) flaw.

"With WMF, a corporation could block access to problem sites," said John Heasman, a principal security consultant with the firm. "But, whereas all companies rely on e-mail, this has the potential to be much worse."

Other related stories

Expert: Microsoft TNEF flaw could lead to superworm

Windows desktop is now a hot target for hackers

What has security analysts most concerned is that one malicious e-mail is all that is necessary to launch a worm-type attack on the system that receives it. A worm, which is a self-replicating virus typically spread by e-mail, could potentially be processed by an Exchange server and then target all Outlook clients accessing that system. The flaw does not affect Exchange Server 2003, but Outlook 2003 and other recent versions are not protected.

"This requires no user interaction," said Alain Sergile, a technical products manager with Internet Security System Inc.'s X-Force team in Atlanta. "Outlook has a broad footprint, and that makes this much more significant."

Chatter among users had a much calmer tone. Patch management forums, such as the patchmanagement.org mailing list run by Shavlik Technologies in Roseville, Minn., did not contain any discussions about the concern surrounding MS06-003. Windows administrators on that list were not reporting any major problems with deploying the patch either.

There was little buzz among users that consultant Lee Benjamin speaks to regularly. The owner of Exchange Guy Consulting in Boston said he normally hears if there is a big security issue with Exchange server.

"I had not heard about it yet," said Benjamin. "But for shops who apply fixes quickly, this should not be a problem."


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: