[Full-Disclosure] Fw: warning

From: Thor Larholm (full-disclosure@lists.netsys.com)
Date: 07/30/02


From: full-disclosure@lists.netsys.com (Thor Larholm)
Date: Tue, 30 Jul 2002 17:52:10 +0200


----- Original Message -----
From: "Thor Larholm" <thor@pivx.com>
To: <guninski@guninski.com>; <NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM>;
<bugtraq@securityfocus.com>
Sent: Tuesday, July 30, 2002 5:22 PM
Subject: RE: warning

> If your vulnerability deals with the "Office Web Components" then no warning
> should be necessary at this point, since Microsoft already yanked the OWC
> downloads (both OWC 9 and 10) from their download pages back in April when
> GreyMagic Software uncovered several vulnerabilities in them.
>
> From their download page (
> http://office.microsoft.com/downloads/2002/owc10.aspx ):
> "Microsoft has temporarily removed the Office Web Components while we
> conduct an investigation of potential security vulnerabilities. At the
> completion of our investigation, the OWC will be reposted. Thank you for
> your patience."
>
> Apparently, researching these vulnerabilities must be very hard on MS
> (despite their simplicity) since this has been so for a quarter of a year by
> now. The vulns that triggered this action:
>
> http://sec.greymagic.com/adv/gm005-ie/
> http://sec.greymagic.com/adv/gm006-ie/
> http://sec.greymagic.com/adv/gm007-ie/
> http://sec.greymagic.com/adv/gm008-ie/
>
> And again, these are still unpatched together with the total of 21 publicly
> known unpatched vulnerabilities currently found in IE:
>
> http://www.pivx.com/larholm/unpatched/
>
> Of course, if you have installed Office by itself then you probably already
> have OWC installed. Luckily this can be uninstalled separately by going to
>
> ControlPanel - Add/Remove programs - Office - Change - Office Tools -
> Office Web Components.
>
> If a system administrator installed OWC from a network share, then OWC will
> be silently re-installed when used again - in which case you are out of
> luck.
>
> If your vulnerability did not deal with OWC, then apologize my intrusion and
> let me guess on a Content-Type/Content-Disposition variant - though your
> suggested workaround would make no sense then :)
>
>
> Regards
> Thor Larholm, Security Researcher
> PivX Solutions, LLC
>
> Are You Secure?
> http://www.PivX.com
>
> -----Original Message-----
> From: Georgi Guninski [mailto:guninski@GUNINSKI.COM]
> Sent: 30. juli 2002 16:36
> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
> Subject: warning
>
>
> Consider this a warning, full details to come soon.
> windows + ie 6.0 + office xp may get owned by visiting a web page.
> workaround/solution: disable "activex and plugins" until someone produces a
> patch.
> After this warning, don't whine about responsibility issues - first check
> microsoft's responsibility in "help -> about"
>
> Georgi Guninski
> http://www.guninski.com
>


