Discussion in 'other security issues & news' started by JacK, Apr 27, 2003.

Thread Status:
Not open for further replies.
  1. JacK

    JacK Registered Member

    Jun 20, 2002
    Belgium -Li?ge

    Buffer Overrun in Windows Kernel Message Handling could Lead to
    Elevated Privileges (811493)


    The information in the "Mitigating factors" section of Microsoft's
    bulletin claiming that this vulnerability is not exploitable by e-mail
    borne attacks is incorrect. Test exploits have been produced for WWW,
    Outlook, and Outlook Express attack scenarios. In each of the cases, the
    exploit code runs without further user interaction on the victim system.
    Furthermore, no e-mail attachments or any kind of scripting are needed
    since the attack can be carried out via a standard HTML. In fact, merely
    starting the e-mail program can lead to exploitation because (depending on
    configuration) it may automatically open the first new message.

    Rather disturbing in http://support.microsoft.com/?kbid=819634
    Workaround Method 2: Temporarily Turn Off Real-Time Scanning in Your Antivirus Program !!!

    In other words, you might keep the buggy patch without slowing down your system, just allow any virus to mess your system instead !

    Is that the new secuerity M$ policy ?

  2. The Snowman

    The Snowman Guest


    Lovely...just lovely......lets see.....do users install the nice resourse hog patch M$ so lovingly provided to its endeared customers..........then turn off real time scanning...an open the os to one of the many hundred of thousands of viruses.......gee,....oh, but wait....M$ says we can do on demand scans....after infected......hmmmmmmm
Thread Status:
Not open for further replies.