Dangerous Exploit Looms in Windows Vista Mail

Just as we almost recommended using Windows Mail instead of Outlook or Outlook Express a new exploit has come about to negate that recommendation.  Microsoft has acknowledged the existence of a possible exploit and is currently researching its validity.

Symantec has issued a warning regarding the vulnerability giving it a threat rating of 7.5 after it was discovered the bug could be remotely executed.  The exploit works by first sending an email message to the inbox with a link that is attached to a malicious file.  Using this, the suspect PC could be infected with a trojan or identity theft software.

Some of these exploits only require the user to click the link in the email.  In this case, the link is to a local executable file such as winrm.cmd, the remote management command line utility.  That would give the attacker completely control of the PC.

It should be noted that if the link points to a file that is not local it may be easier to spot it as being a scam, especially if it needs to download its support files from somewhere which must then be given permission to execute.  If you aren’t sure of what program launched the request or is asking for permission, don’t allow it.  Please, don’t get in the habit of just clicking “Allow”, “Yes” or “Okay” when these things pop up, actually read the notification first.

Full story at Vista.Blorge

Bookmark