Microsoft investigates Windows Vista Mail flaw from Tom Brance's blog

Microsoft has confirmed that it's investigating reports of a Windows Vista flaw attackers could exploit to compromise Oxwall_test21 PCs by tricking the user into opening a malicious email attachment.

The problem reportedly affects Windows Mail on all versions of Vista windows 10 update error 0x80244022 and antivirus giant Symantec warned customers of its DeepSight threat management service early Friday that Vista's native email client will execute any script or program file that has an associated folder by the same name.

"An attacker can deliver an email message containing a malicious link that references a local executable," Symantec said in an email advisory. "If the victim clicks on this link the Bacs splits IT department in two native program is executed with no further action required."

The vendor said an attacker could potentially exploit the design flaw to delete files or 0x80244022 windows 10 shut down the victim's computer. Other attacks are also possible. However, Symantec noted that the flaw can only be used to execute programs or scripts that natively reside on a computer and also have a folder in place by the same name.

"There is the possibility that an attacker could execute custom malicious Speech Writing Tip Top 10 binaries, yet they would have to first ensure that a malicious file is placed on a target system by some means," the company said. "To exploit this issue, an attacker must entice an unsuspecting user to click a malicious link in an email."

A Microsoft spokeswoman confirmed When Attraction Meets Dating in Love that the software giant is investigating the flaw report, but said there is no indication of attacks at this time.

"Microsoft will continue to investigate the public reports to help provide additional guidance for customers as necessary," she said in an email UK immigration laws are preventing the UK from attracting world-class developers exchange. "Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include issuing a security advisory or providing a security update through our monthly release process, depending on customer needs."

She added that users should always be cautious when clicking on links in unsolicited emails. Symantec agreed. "Do not accept or execute files WiMax critic makes U-turn from untrusted or unknown sources," the company advised.

Symantec also recommended users modify their default configuration files to disable any unwanted behavior. "Disabling HTML email capabilities within mail client applications may reduce the likelihood of successful attacks," the company said.

Finally, to reduce the impact of latent vulnerabilities, IT administrators should limit user privileges to the least amount possible. "This can reduce the likelihood of privileged functions being executed," Symantec said.


Previous post     
     Next post
     Blog home

The Wall

No comments
You need to sign in to comment

Post

By Tom Brance
Added Jun 30

Rate

Your rate:
Total: (0 rates)

Archives

News

Problem with reading feeds