Re: NOT GOOD: Outlook Express 6 + Internet Explorer 6
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: Thu, 1 Apr 2004 12:37:52 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Fully Functional Harmless Demo:
note: regardless of where this is viewed, it is governed by the 'restricted zone' at all times
In this particular demo, we drop malware.exe into C: trivial tweaking via shell or full path places it wherever we like. This fully functional demo is heavily diluted. Practical implementation requires minor modifications on the transmitting client side. This demo will be flagged by AV suites owing to past usage and recognisable code.
This also works just fine on Outlook 2003 in default configuration with Exchange Outlook Security Template with IE 6.x fully patched. Suspect earlier versions of Outlook work also.
Russ - NTBugtraq Editor
NTBugtraq Editor's Note:
Wondering how to unsubscribe from NTBugtraq? Just send a message to Listserv@listserv.ntbugtraq.com with unsubscribe ntbugtraq in the message body, you don't need a subject line. If it says you aren't subscribed, you've either subscribed with a different email address or your address has changed somehow. Just email Russ.Cooper@rc.on.ca and I'll remove you.