Clanek v LN - BACK ORIFICE

Martin Fort football at sparta.cz
Thu Aug 6 11:36:46 CEST 1998 

Dneska mi doslo tohle, myslim, ze jsou tam odpovedi na Vase otazky:

Dear IEAK 4.x licensee,

This is a special email alert for IEAK 4.x  licensees. We want to inform you
of a security issue that affects e-mail clients including Microsoft Outlook
98,
Microsoft Outlook Express versions 4.0 or later, and Netscape Messenger
versions 4.0 or later.

Microsoft takes security very seriously, and we know you do as well.
We have created a patch which fixes the issue for Outlook Express
and Outlook 98. We recommend that you take advantage of this software
to prevent possible security or customer support problems.

This email contains background on the issue, pointers to detailed support
 information, and instructions on how to deliver the security patch to new
and existing users.

1. BACKGROUND
2. RESOLUTION
3. TECHNICAL SUPPORT INFORMATION
4. RECOMMENDED ACTIONS


1. BACKGROUND
============

The problem is related to how e-mail software handles file attachments
with extremely long file names.  When users attempt to download, open
or launch a file attachment that has a name containing more than a
certain number of characters (the exact number depends on the operating
system used) their action can cause the e-mail software to shut down
unexpectedly.  It is possible - although difficult - for a hacker to cause
malicious code to be executed on a computer as a result of this problem.

To ensure customer safety with regard to this and other security-related
issues, Microsoft is investigating further to uncover variants that the
current
patch may not block. This information will be updated regularly in the URLs
detailed in section 3.

2. RESOLUTION
===========

Microsoft has created a fix for this security issue, which can be downloaded
from
http://www.microsoft.com/security/bulletins/ms98-008.htm.  Note: this
specific security
issue does not affect any Microsoft products except for Outlook Express and
Outlook 98.

3. TECHNICAL SUPPORT INFORMATION
===========================

If a user's email program should crash when they try to open an email with
an
unknown attachment, advise the user to restart the program, then immediately
delete the offending email.  As a general rule, we recommend that users do
not
open, or launch any email attachments received from an unknown source.

Detailed background information for your technical support staff is
available at
the following URLs:

 http://www.microsoft.com/security/bulletins/ms98-008.htm
 http://www.microsoft.com/security
 http://www.microsoft.com/ie/security/?/ie/security/oelong.htm
 http://support.microsoft.com/support/kb/articles/q168/0/19.asp


4. RECOMMENDED ACTIONS
====================

We strongly recommend that you take the following actions:

(a) Use the information in Section 3 of this mail to inform your Technical
Support
staff that this problem exists so they will be prepared to assist any users
who
encounter it.

(b) Post a notice on your home page or technical support page informing
users of the problem.  This notice should encourage your customers to visit
the
following URL: http://www.microsoft.com/security/

Please do not copy the patch software to your own website.  The page
referenced here contains special code to detect the software version of
Outlook Express that users are running, and direct them to the correct patch
file.

(c) For Outlook Express, use the IEAK to include the patch as an
additional component of any new software distributions you create.
During your build process, obtain the latest patch file from
http://www.microsoft.com/msdownload/iebuild/oebuff/en/27646.htm.
Choose save this file to disk when prompted, and add that file as an
'additional component' to be run during the Setup process for your
client software.


Thank you for your continuing support of Internet Explorer,
The IEAK Product Team






--


AC Sparta Praha fotbal, a.s.

Milady Horakove 98
Praha 7 - Letna
170 00
CZECH REPUBLIC

Martin Fort
football at sparta.cz
administrator

Miroslav NETRAIDER Mares wrote in message
<199808051804.UAA03252 at ns.felk.cvut.cz>...
>Dobry den,
>
>Lidove noviny z 5.8. 1998 prinasi na strane 16 clanek o viru BACK ORIFICE.
Z
>clanku jsem pochopil, ze jde o dalsi tzv. e-mailovy virus. Clanek ma
>podtitulek: Ke zlepseni ochrany programu mohou prinutit pocitacovi pirati
>firmu Microsoft -:))))
> Nevite o tom nekdo neco vic odborneho ?
>
>Hezky den preje NETRAIDER
>
>-------------------------------------------------------------------------
>Stavjanova hokejova stranka http://www.iweb.cz/hokej/stavjana.htm
>-------------------------------------------------------------------------
>

More information about the Smajlik mailing list