Microsoft Outlook Prone to Attacks, Data Loss: Security Firm
Microsoft's email and planning software Outlook 2003 has a vulnerability that can allow a malicious takeover of a users' computer and data, said a network security firm Tuesday.
Open source solutions provider Sourcefire Inc., said that its researchers observed that Outlook did not perform enough data validation when processing .iCal meeting requests, a format used to send meeting requests over the internet.
As technology continues to advance, so do the threats that look for vulnerabilities to exploit, said Matt Watchinksi, Director of the Sourcefire Vulnerability Research Team.
When Outlook opens a specially crafted .iCal meeting request and parses a malformed VEVENT request, it may corrupt system memory in such a way that an attacker could execute arbitrary code and take complete control of an affected system.
An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The firm said that it notified Microsoft about the problem today, and both companies are working to create a solution.
More on the Web:
http://www.snort.org/vrt/advisories/vrt-rules-2007-01-09.html
© Copyright IBTimes 2024. All rights reserved.
-
French Air Traffic Controller Strike Threatens Flight Chaos
-
Azerbaijan Says 'Closer Than Ever' To Armenia Peace Deal Amid Border Talks
-
How UK's Biggest Water Supplier Sank Into Crisis
-
Taiwan Hit By Dozens Of Strong Aftershocks From Deadly Quake
-
Gaza Health System 'Completely Obliterated': UN Expert
-
In Ecuadoran Amazon, Butterflies Provide A Gauge Of Climate Change
-
50 Years On, Vintage Vehicles To Reenact Portugal's Carnation Revolution
-
Conflicts Push Military Spending To 'All-time High': Report
-
'Thank You, America:' Zelensky And Netanyahu Applaud House Passage Of Foreign Aid Package
-
Women Journalists Bear The Brunt Of Cyberbullying
