[ISN] MSN Messenger flaw allows hard-drive access

From: InfoSec News (isn@private)
Date: Wed Mar 10 2004 - 05:18:14 PST

  • Next message: InfoSec News: "[ISN] Yoran Grilled at Senate Hearing"

    http://news.com.com/2100-1002_3-5171898.html
    
    By Michael Kanellos 
    Staff Writer, CNET News.com
    March 9, 2004
    
    Microsoft has revealed three new vulnerabilities in its software,
    including the first to affect MSN Messenger 6.0, and is urging
    customers to patch their systems now.
    
    Two of the vulnerabilities are considered medium-level risks, while
    the third presents a medium- to low-level risk, according to security
    software specialist Symantec and others. Three separate patches to
    repair the flaws--which affect different pieces of software--have been
    released and are available for download. The identification of the
    vulnerabilities came Wednesday as part of Microsoft's regular security
    bulletin process.
    
    Later, the software giant will also send notices about the Messenger
    patch through MSN Messenger itself, said Stephen Toulouse, security
    program manager for the Microsoft Security Response Center.
    
    The vulnerability in MSN Messenger versions 6.0 and 6.1 could let an
    attacker view the contents of a victim's hard drive during a chat
    session with the victim.
    
    Attackers "could view files through MSN Messenger on their computer,"  
    Toulouse said. "They can do it, and you are not necessarily aware of
    what they are doing."
    
    Users who do not block anonymous callers are most vulnerable to the
    exploit. If anonymous callers are blocked, the attacker has to be
    identified on the victim's address list. To obtain particular
    information, such as credit card numbers, attackers have to troll the
    hard drive, said Toulouse.
    
    Oliver Friedrichs, senior manager for Symantec's security response
    team, said that victims don't actually have to be in conversation with
    the attacker. As long as the user permits anonymous callers to send
    messages, an attacker could come in and peruse Quicken files or other
    identifiable files that could likely contain sensitive data. However,
    most people block that function, so random attacks will likely be
    rare, he said.
    
    The second medium-level risk could allow a hacker to take over a
    system by executing Internet Explorer code through a flaw in Outlook
    2002.
    
    A computer has to be configured in a particular manner, though, said
    Toulouse. The user has to set "Outlook Today" as the Outlook home
    page.
    
    "If you go to Outlook through your in-box, you are protected," he
    said.
    
    The third flaw allows attackers to instigate a denial-of-service
    attack against servers running Windows Media Services 4.1. The
    vulnerability exists because of the way Windows Media Station Service
    and Windows Media Monitor Service, components of Windows Media
    Services, handle TCP/IP connections. If an attacker sent a particular
    sequence of packets to a server running Media Services 4.1, it could
    interrupt any video streams.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Mar 10 2004 - 08:21:24 PST