MS Critical Patch Fixes 8 Vulnerabilities 202
nandemoari writes "A hole allowing hackers to take control of Microsoft Exchange was just one 'critical' issue the Redmond-based company promises it has fixed with a patch correcting a total of eight vulnerabilities in its programs, including the Internet Explorer browser, Office, and its SQL Server.
Three of the eight vulnerabilities patched yesterday were marked 'critical.' The most concerning is an issue with Exchange that would allow attackers to take over an Exchange server by simply forwarding a carefully crafted message to a corporate mail server. Microsoft has admitted that the vulnerability can be exploited when a user opens or previews an email in the Transport Neutral Encapsulation Format (TNEF)."
Doesn't Sound so Bad (Score:5, Funny)
Stop spreading FUD (Score:4, Funny)
It's all closed source, so there aren't any real vulnerabilities. Even the certified professionals [slashdot.org] say so. They're certified what more do you need !
As if you could spread havoc through email [google.com] on a proprietary system. Bah.
Re:Oddly enough... (Score:5, Funny)
*For you yungins, go look up Kelly Bundy and the above phrase.
I just did. The top result [google.com] is your post!
Re:Its really time to spread the word: (Score:2, Funny)
Re:Oddly enough... (Score:3, Funny)
And the next thing we will hear is that Kelly Bundy has been citing smooth wombat for all these years.
Re:Is it that easy? (Score:4, Funny)
Wow, you have a firewall that stops email from getting to a mail server! I gotta get me one of those...It would reduce my workload by 95%! Since I don't answer any of my phones, the only way people could contact me with problems would be by ambushing me on the way to the bathroom.
It would keep the CEO from ever contacting me, that's for sure. God knows he'd never be caught down here with people who do work.
So.... (Score:5, Funny)
....What "carefully crafted message" would I need to send to take over an Exchange Server?
To: ExchangeServer@company.com
Subject: H3ll0
I 0wn you Now. Please reply back with passwords.
Regards,
Hax0r
Re:Stop spreading FUD (Score:5, Funny)
We DON'T want to know what demonic code is stored in the source files on some secure Microsoft server up in Redmond.
Hmmm...
Did you know that if you boot Windows backwards you can hear satanic APIs ?
Oblig. Quote (Score:4, Funny)
That's nothing! If you boot Windows forwards, it loads Windows!
Re:We installed it ... (Score:4, Funny)
Yes, they should. Namely by you. In your testing environment. Before deploying it to production.