File Transfer Manager (FTM) vulnerablity???
From: Michael Weiss (FooWeissBarMike@hotmail.com)
Date: 08/20/02
- Next message: Bimp: "Authentication problem"
- Previous message: KARIN: "Re: can't log into secure sites"
- Next in thread: Joe Newell: "Re: File Transfer Manager (FTM) vulnerablity???"
- Reply: Joe Newell: "Re: File Transfer Manager (FTM) vulnerablity???"
- Reply: Rich Benack [MS]: "Re: File Transfer Manager (FTM) vulnerablity???"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Michael Weiss" <FooWeissBarMike@hotmail.com> Date: Tue, 20 Aug 2002 09:37:00 -0400
I received this email below, is this legit?
-----BEGIN PGP SIGNED MESSAGE-----
Dear Microsoft Customer -
The Microsoft Security Response Center has learned of a security
vulnerability affecting a software component used only by members of
certain Microsoft customer programs. You've received this mail
because you have registered as a member of one of the programs and
may have come in contact with the component that contains the
vulnerability. Microsoft believes that only a small number of
customers actually are at risk, but we do urge you to use the
following information to ensure that your system is secure.
The vulnerability could enable an attacker to gain control over
another user's system. It lies in a software component called the
File Transfer Manager (FTM), the purpose of which is to allow members
of Microsoft beta programs, MSDN, Microsoft Volume Licensing
Services, and a small number of other Microsoft programs to download
software from certain Microsoft sites. The FTM is only distributed
through these programs, but not every member has installed it. Even
among customers who have installed it, not all are at risk, as only
certain versions contain the vulnerability.
Microsoft recommends that all customers receiving this mail determine
whether the FTM is installed on their systems and, if so, ensure that
they have either upgraded to the latest version (FTM 4.0) or removed
the vulnerable version. A web page
(http://transfers.one.microsoft.com/ftm/install) is available that
provides step-by-step instructions for doing this. The entire
process takes only minutes.
We'd like to thank Andrew Tereschenko for identifying the security
vulnerability and working with us as we developed a solution. We at
Microsoft sincerely apologize for any inconvenience, and look forward
to continuing to work with you as a member of a Microsoft customer
program.
Regards,
The Microsoft Security Response Center
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
iQEVAwUBPWF5wI0ZSRQxA/UrAQFNeAf/e1gKOSR1pNrUhXstxCPsEYKNWAv0hkrz
LuqpFJhQkNTHVXdQVm0ecl3JbdUvLQxfhlLhESJOIH/CicXh72Q9fPyYPHUaYuFR
DL5KLF4f4iPCU1wiILnIP6R3G26latuowkmeLf0XYnSRWdYvNaQGHM/qgEesSw/C
rrIpzn0faL9e7AXzHxxsZl+0p84YB3fu6UhUEYNGTudfydvlEolcJ85QOK9419VU
5fw5yLh5/dvKUbhsxl69mvcX7vKupkinZI/LfRfk3xFyS7YaoKs7eUX2D5q4nsT4
FsHURmsG8xNiALV/3Hvt1N7uqotzsUKj03v6dj/Q1pB/eNDRInYjPA==
=mhXa
-----END PGP SIGNATURE-----
*******************************************************************
You have received this e-mail bulletin because you are a member of one or
more Microsoft customer programs that distribute the File Transfer Manager.
You have not been subscribed to any newsletters; this is a one-time mailing.
To verify the digital signature on this bulletin, please download our PGP
key at http://www.microsoft.com/technet/security/notify.asp.
For security-related information about Microsoft products, please visit the
Microsoft Security web site at http://www.microsoft.com/security.
- Next message: Bimp: "Authentication problem"
- Previous message: KARIN: "Re: can't log into secure sites"
- Next in thread: Joe Newell: "Re: File Transfer Manager (FTM) vulnerablity???"
- Reply: Joe Newell: "Re: File Transfer Manager (FTM) vulnerablity???"
- Reply: Rich Benack [MS]: "Re: File Transfer Manager (FTM) vulnerablity???"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
