Microsoft TNEF Vulnerability: bad news
Posted on January 13, 2006
Filed Under /dev/null/ | 73 views |
On the heels of last week’s Windows Metafile critical vulnerability comes this new potential exploit in Exchange Server that apparently could be a major issue:
The TNEF vulnerability, which Microsoft spelled out in the MS06-003 security bulletin, is a flaw in how Microsoft’s Outlook client and older versions of its Exchange server software decode the TNEF MIME attachment. TNEF is used by Exchange and Outlook when sending and processing messages formatted as Rich Text Format (RTF), one of the formatting choices available to Outlook users.
“All that’s required to exploit this is an e-mail message,” said Litchfield. No user interaction is needed to compromise an Exchange 5.0, 5.5, or 2000 server; all that’s necessary is to deliver a maliciously-crafted e-mail to the server.
It’s that characteristic, as well as the ease with which an attack could spread, that has Litchfield so worried.
“You could take over an Exchange server with a single, simple e-mail,” he said. “From there you could target all the clients accessing that server. You would ‘own’ any Outlook client that connects to that server. Then an attacker could grab the Outlook users’ address books.
“If you did it right, you could own every Outlook user in the world within a week,” he said.
Fortunately Microsoft has already issued patches for this and Exchange Server 2003 is immune. Its now in the hands of the server admins to make sure they patch this baby.
Comments
Leave a Reply