Re: Alert: Microsoft Security Bulletin - MS03-036

• Previous message: Marc Maiffret: "EEYE: VBE Document Property Buffer Overflow"
• Maybe in reply to: Russ: "Alert: Microsoft Security Bulletin - MS03-036"
• Next in thread: Gary Flynn: "Re: Alert: Microsoft Security Bulletin - MS03-036"
• Reply: Gary Flynn: "Re: Alert: Microsoft Security Bulletin - MS03-036"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Wed, 3 Sep 2003 16:09:24 -0400
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Criticality of this is horribly underrated by Microsoft.

This is critically important for all Windows MS Office users - "the user must open the attachment" is no protection because most users open attachments to see what they are.

If the infected Word Perfect document is given a .DOC extension, Word will be invoked directly when the user double-clicks the attachment. Word will automatically recognize and convert the document, and run the hostile code with no further opportunity for the user to stop the virus.

The vulnerability could also be exploited through a web page, and the user would get no chance to say "No" if ActiveX is enabled.

-ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Whatever Happened to Octopus?

LEGATO RepliStor, formerly known as Octopus, delivers breakthrough
replication performance that's 5X faster than the competition in an
independent head-to-head test. Learn how RepliStor uses patented,
asynchronous, real-time replication, to deliver disaster recovery, data
distribution and consolidated backups. It is the first replication solution
to achieve Windows 2003 certification. Get the performance report now.

http://portal1.legato.com/products/replistor/upgrade.cfm

-ooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

• Previous message: Marc Maiffret: "EEYE: VBE Document Property Buffer Overflow"
• Maybe in reply to: Russ: "Alert: Microsoft Security Bulletin - MS03-036"
• Next in thread: Gary Flynn: "Re: Alert: Microsoft Security Bulletin - MS03-036"
• Reply: Gary Flynn: "Re: Alert: Microsoft Security Bulletin - MS03-036"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Folder Redirection over a slow WAN ... to install Windows Server 2003 at the remote site, ... Frequently Asked Questions About Windows Small Business Server 2003 ... the replication depends on replication schedule you have ... Policy slow link detection to limit to apply group policy for the branch ... (microsoft.public.windows.server.sbs) Re: NTFRS ... I was worried this would create a new sysvol but it hasn't so it looks to be ... I have no outbound replication showing from repadmin on Win2003 ... The server holding the PDC role is down. ... Windows 2003 - no other controllers. ... (microsoft.public.win2000.active_directory) RE: Help - Users cant log in ... ... I ran adprep/forestprep & domain prep on windows 2000 server ... I loaded Active directory to the 2003 server and made it a second DC ... > replication of Active Directory. ... (microsoft.public.windows.server.migration) Re: "Windows 2000 native" vs "Windows 2003 Server" functional leve ... Just like Neil said... ... Raise domain level for all domains in the forest ... I have read different articles about the replication enhancements of ... going to "Windows 2003 Server" level. ... (microsoft.public.windows.server.active_directory) Re: Replicate AD from Win2000 to Win2003 ... MS-KBQ325379_How to Upgrade Windows 2000 Domain Controllers to Windows ... MS-KBQ324392_Enhancements to Adprep.exe in Windows Server 2003 Service ... MS-KBQ887426_Incorrect Schema extension for OS X prevents ForestPrep ... * Disable OUTBOUND replication on another DC ... (microsoft.public.win2000.active_directory)