SecurityFocus Microsoft Newsletter #417

rkeith Fri, 24 Oct 2008 15:47:43 -0700


SecurityFocus Microsoft Newsletter #417
----------------------------------------

This issue is sponsored by HP:

Very few applications are bulletproof from hackers. During this 12 minute
unscripted video, you.ll sit in a virtual conference room with two of the
world's most well-known white hat hackers, Caleb Sima and Billy Hoffman.
During this whiteboard session, they demonstrate just how easy it is to
break-into a private corporate network through the web application and own the
back-end database. During this video, you will learn just how easy it is to
hack into web applications and hear how hackers execute some of their favorite
attacks: client side pricing attack, session hijacking, fuzzing and SQL
Injection.
https://h30406.www3.hp.com/campaigns/2008/wwcampaign/1-4W4AD/index.php?mcc=DZRV&jumpid=edm_r11374_us/en/large/tsg/w1_Hackers_vid_securityfocus/mcc_DZRV/20081020/

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying
topics of interest for our community. We are proud to offer content from
Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Clicking to the Past
2. The Vice of Vice Presidential E-Mail
II. MICROSOFT VULNERABILITY SUMMARY
1. SilverSHielD 'opendir()' Remote Denial of Service Vulnerability
2. Microsoft Windows Server Service RPC Handling Remote Code Execution
Vulnerability
3. freeSSHd SFTP 'rename' Remote Buffer Overflow Vulnerability
4. Multiple EMC NetWorker Products 'nsrexecd.exe' RPC Request Denial of
Service Vulnerability
5. Cisco PIX and ASA Windows NT Domain VPN Authentication Bypass
Vulnerability
6. IBM DB2 Universal Database Prior to 9.1 Fixpak 6 Multiple
Vulnerabilities
7. Wireshark 1.0.3 Multiple Denial Of Service Vulnerabilities
8. Hummingbird HostExplorer ActiveX Control 'PlainTextPassword()' Buffer
Overflow Vulnerability
9. Adobe Flash CS3 Professional SWF File Heap Buffer Overflow
Vulnerability
10. Symantec Altiris Deployment Solution Client User Interface Local
Privilege Escalation Vulnerability
11. Microsoft Outlook Web Access for Exchange Server 'redir.asp' URI
Redirection Vulnerability
12. Titan FTP Server 'SITE WHO' Command Remote Denial of Service
Vulnerability
13. Etype Eserv FTP 'ABOR' Command Remote Stack Based Buffer Overflow
Vulnerability
14. Husdawg System Requirements Lab Multiple Remote Code Execution
Vulnerabilities
15. RaidenFTPD 'MLST' Command Remote Stack Based Buffer Overflow
Vulnerability
16. XM Easy Personal FTP Server 'NSLT' Command Remote Denial of Service
Vulnerability
17. Lenovo Rescue and Recovery 'tvtumon.sys' Heap Overflow Vulnerability
18. Microsoft Excel Formula Parsing Remote Code Execution Vulnerability
19. Microsoft Excel BIFF File Format Parsing Remote Code Execution
Vulnerability
20. Microsoft Excel Calendar Object Validation Remote Code Execution
Vulnerability
21. Microsoft Office CDO Protocol Cross Site Scripting Vulnerability
22. Microsoft Windows Internet Printing Service Integer Overflow
Vulnerability
23. Microsoft Windows VAD Local Privilege Escalation Vulnerability
24. Microsoft Windows AFD Driver Local Privilege Escalation Vulnerability
25. Microsoft Internet Explorer Cross Domain Information Disclosure
Vulnerability
26. Microsoft Windows Kernel Unhandled System Call Local Privilege
Escalation Vulnerability
27. Microsoft Windows Kernel Memory Corruption Local Privilege
Escalation Vulnerability
28. Microsoft Windows Kernel Window Creation Local Privilege Escalation
Vulnerability
29. Microsoft Windows SMB Buffer Underflow Code Execution Vulnerability
30. Microsoft Message Queuing Service RPC Query Heap Corruption
Vulnerability
31. Microsoft Host Integration Server RPC Remote Command Execution
Vulnerability
32. Microsoft Internet Explorer HTML Objects Uninitialized Memory
Corruption Vulnerability
33. Microsoft Internet Explorer Uninitialized Object Remote Memory
Corruption Vulnerability
34. Microsoft Internet Explorer Event Handling Cross Domain Security
Bypass Vulnerability
35. Microsoft Internet Explorer HTML Element Cross Domain Security
Bypass Vulnerability
36. Microsoft Windows Active Directory LDAP Request Handling Remote Code
Execution Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #416
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Clicking to the Past
By Chris Wysopal
When the first details trickled out about a new attack, dubbed .clickjacking.
by the researchers who found it, the descriptions made me think of the tricks I
used to pull during penetration tests ten years ago to get administrator
privileges: Tricking the user into issuing a command on an attacker.s behalf is
one of the oldest attack vectors in the book.
http://www.securityfocus.com/columnists/483

2a .The Vice of Vice Presidential E-Mail
By Mark Rasch
Is it a crime to read someone else's e-mail without their consent? Seems like a simple
question, but the law is not so clear. In mid-September 2008, a hacker using the handle
"Rubico" claim credit for breaking into the Yahoo! e-mail account of Governor
Sarah Palin, the Republican Vice Presidential candidate. In a post online, Rubico wrote
that he had been following news reports that claimed Palin had been using her personal
Yahoo e-mail account for official government business.
In the early 90's, I attended an academic conference in Hawaii. At one presentation, a
colleague from the University of California at Berkeley whom I'll refer to as "the
supervisor," told a story of young hackers, who he referred to as the Urchins
http://www.securityfocus.com/columnists/482

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. SilverSHielD 'opendir()' Remote Denial of Service Vulnerability
BugTraq ID: 31884
Remote: Yes
Date Published: 2008-10-23
Relevant URL: http://www.securityfocus.com/bid/31884
Summary:
SilverSHielD is prone to a denial-of-service vulnerability because the
application fails to handle excessive user input.

An attacker may exploit this issue to crash the vulnerable application,
resulting in a denial-of-service condition.

SilverSHielD 1.0.2.34 is vulnerable; other versions may also be affected.

2. Microsoft Windows Server Service RPC Handling Remote Code Execution
Vulnerability
BugTraq ID: 31874
Remote: Yes
Date Published: 2008-10-22
Relevant URL: http://www.securityfocus.com/bid/31874
Summary:
Microsoft Windows is prone to a remote-code execution vulnerability that
affects RPC (Remote Procedure Call) handling in the Server service.

An attacker could exploit this issue to execute arbitrary code with
SYSTEM-level privileges. Successful exploits will result in the complete
compromise of vulnerable computers. This issue may be prone to widespread
automated exploits. Attackers require authenticated access on Windows Vista
and Server 2008 platforms to exploit this issue.

This vulnerability affects Windows 2000, Windows XP, Windows Server 2003,
Windows Vista, and Windows Server 2008.

3. freeSSHd SFTP 'rename' Remote Buffer Overflow Vulnerability
BugTraq ID: 31872
Remote: Yes
Date Published: 2008-10-22
Relevant URL: http://www.securityfocus.com/bid/31872
Summary:
freeSSHd is prone to a remote buffer-overflow vulnerability because the
application fails to perform adequate boundary-checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with the
privileges of the user running the affected application. Failed exploit
attempts will result in a denial-of-service condition.

This issue affects freeSSHd 1.2.1; other versions may also be affected.

4. Multiple EMC NetWorker Products 'nsrexecd.exe' RPC Request Denial of Service
Vulnerability
BugTraq ID: 31866
Remote: Yes
Date Published: 2008-10-22
Relevant URL: http://www.securityfocus.com/bid/31866
Summary:
Multiple EMC NetWorker products are prone to a denial-of-service vulnerability.

Attackers can exploit this issue by sending malicious RPC requests, causing
affected applications to consume resources until they become unresponsive.
Repeated requests can lead to a denial-of-service condition.

5. Cisco PIX and ASA Windows NT Domain VPN Authentication Bypass Vulnerability
BugTraq ID: 31864
Remote: Yes
Date Published: 2008-10-22
Relevant URL: http://www.securityfocus.com/bid/31864
Summary:
Cisco PIX and ASA is prone to an authentication-bypass vulnerability.

Remote attackers can exploit this issue to gain unauthorized access to the
affected devices. Successfully exploiting this issue will lead to other attacks.

This issue is being monitored by Cisco Bug ID CSCsj25896.

6. IBM DB2 Universal Database Prior to 9.1 Fixpak 6 Multiple Vulnerabilities
BugTraq ID: 31856
Remote: Yes
Date Published: 2008-10-21
Relevant URL: http://www.securityfocus.com/bid/31856
Summary:
IBM DB2 Universal Database is prone to multiple vulnerabilities.

Successful exploits may allow attackers to obtain sensitive information or
cause a denial-of-service condition.

Versions prior to DB2 9.1 Fixpak 6 are affected.

7. Wireshark 1.0.3 Multiple Denial Of Service Vulnerabilities
BugTraq ID: 31838
Remote: Yes
Date Published: 2008-10-20
Relevant URL: http://www.securityfocus.com/bid/31838
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issue may allow attackers to crash the application or cause
the application to crash, denying service to legitimate users. Attackers may be
able to leverage some of these vulnerabilities to execute arbitrary code, but
this has not been confirmed.

These issues affect Wireshark 0.10.3 up to and including 1.0.3.

8. Hummingbird HostExplorer ActiveX Control 'PlainTextPassword()' Buffer
Overflow Vulnerability
BugTraq ID: 31783
Remote: Yes
Date Published: 2008-10-16
Relevant URL: http://www.securityfocus.com/bid/31783
Summary:
Hummingbird HostExplorer ActiveX control is prone to a buffer-overflow
vulnerability because the application fails to adequately check boundaries on
user-supplied input.

An attacker can exploit this issue to execute arbitrary code in the context of
the application using the ActiveX control (typically Internet Explorer).
Failed attacks will likely cause denial-of-service conditions.

9. Adobe Flash CS3 Professional SWF File Heap Buffer Overflow Vulnerability
BugTraq ID: 31769
Remote: Yes
Date Published: 2008-10-15
Relevant URL: http://www.securityfocus.com/bid/31769
Summary:
Adobe Flash CS3 Professional is prone to a heap-buffer overflow vulnerability.

An attacker may exploit this issue to execute arbitrary code in the context of
the affected application. Failed exploit attempts will likely result in
denial-of-service conditions.

Flash CS3 Professional for Microsoft Windows is vulnerable.

10. Symantec Altiris Deployment Solution Client User Interface Local Privilege
Escalation Vulnerability
BugTraq ID: 31766
Remote: No
Date Published: 2008-10-20
Relevant URL: http://www.securityfocus.com/bid/31766
Summary:
Symantec Altiris Deployment Solution is prone to a local privilege-escalation
vulnerability.

An attacker can exploit this issue to bypass security settings and gain
privileged access. Successfully exploiting this issue will result in the
complete compromise of affected computers.

11. Microsoft Outlook Web Access for Exchange Server 'redir.asp' URI
Redirection Vulnerability
BugTraq ID: 31765
Remote: Yes
Date Published: 2008-10-15
Relevant URL: http://www.securityfocus.com/bid/31765
Summary:
Outlook Web Access is prone to a remote URI-redirection vulnerability because
the application fails to properly sanitize user-supplied input.

A successful exploit may aid in phishing attacks.

OWA 6.5 SP 2 is vulnerable; other versions may also be affected.

12. Titan FTP Server 'SITE WHO' Command Remote Denial of Service Vulnerability
BugTraq ID: 31757
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31757
Summary:
Titan FTP Server is prone to a remote denial-of-service vulnerability.

Exploiting this issue allows remote attackers to crash affected FTP servers,
denying service to legitimate users.

Titan FTP Server 6.26 build 630 is vulnerable; other versions may also be
affected.

13. Etype Eserv FTP 'ABOR' Command Remote Stack Based Buffer Overflow
Vulnerability
BugTraq ID: 31753
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31753
Summary:
Etype Eserv is prone to a remote stack-based buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context
of the affected application. Failed exploit attempts will result in a
denial-of-service condition.

Eserv 3.26 is vulnerable; other versions may also be affected.

14. Husdawg System Requirements Lab Multiple Remote Code Execution
Vulnerabilities
BugTraq ID: 31752
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31752
Summary:
Husdawg System Requirements Lab ActiveX controls and Java applets are prone to
multiple remote code-execution vulnerabilities.

Successful exploit will allow attackers to download and execute arbitrary files
on the affected computer in the context of the application that uses the
plugins.

15. RaidenFTPD 'MLST' Command Remote Stack Based Buffer Overflow Vulnerability
BugTraq ID: 31741
Remote: Yes
Date Published: 2008-10-13
Relevant URL: http://www.securityfocus.com/bid/31741
Summary:
RaidenFTPD is prone to a remote stack-based buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context
of the affected application. Failed exploit attempts will result in a
denial-of-service condition.

RaidenFTPD 2.4 build 3620 is vulnerable; other versions may also be affected.

16. XM Easy Personal FTP Server 'NSLT' Command Remote Denial of Service
Vulnerability
BugTraq ID: 31739
Remote: Yes
Date Published: 2008-10-13
Relevant URL: http://www.securityfocus.com/bid/31739
Summary:
XM Easy Personal FTP Server is prone to a remote denial-of-service
vulnerability.

This issue allows remote attackers to crash affected FTP servers, denying
service to legitimate users.

XM Easy Personal FTP Server 5.6.0 is vulnerable; other versions may also be
affected.

17. Lenovo Rescue and Recovery 'tvtumon.sys' Heap Overflow Vulnerability
BugTraq ID: 31737
Remote: No
Date Published: 2008-10-13
Relevant URL: http://www.securityfocus.com/bid/31737
Summary:
Lenovo Rescue and Recovery is prone to a heap-based overflow vulnerability.

A successful exploit of this vulnerability can allow a local attacker to
completely compromise the affected computer.

Lenovo Rescue and Recover 4.20 is vulnerable.

18. Microsoft Excel Formula Parsing Remote Code Execution Vulnerability
BugTraq ID: 31706
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31706
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously
crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the
privileges of the user running the application.

19. Microsoft Excel BIFF File Format Parsing Remote Code Execution Vulnerability
BugTraq ID: 31705
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31705
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously
crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the
privileges of the user running the application.

20. Microsoft Excel Calendar Object Validation Remote Code Execution
Vulnerability
BugTraq ID: 31702
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31702
Summary:
Microsoft Excel is prone to a remote code-execution vulnerability.

Attackers may exploit this issue by enticing victims into opening a maliciously
crafted Excel file.

Successful exploits may allow attackers to execute arbitrary code with the
privileges of the user running the application.

21. Microsoft Office CDO Protocol Cross Site Scripting Vulnerability
BugTraq ID: 31693
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31693
Summary:
Microsoft Office is prone to a cross-site scripting vulnerability that arises
because the software fails to handle specially crafted CDO protocol URIs in a
proper manner.

Successfully exploiting this issue may allow an attacker to execute arbitrary
script code in the browser of an unsuspecting user in the context of the
affected site. This may allow the attacker to steal cookie-based authentication
credentials and to launch other attacks.

Office XP Service Pack 3 is vulnerable.

22. Microsoft Windows Internet Printing Service Integer Overflow Vulnerability
BugTraq ID: 31682
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31682
Summary:
Microsoft Internet Printing Service is prone to an integer-overflow
vulnerability.

Exploiting this vulnerability allows attackers to execute arbitrary code with
system-level privileges.

23. Microsoft Windows VAD Local Privilege Escalation Vulnerability
BugTraq ID: 31675
Remote: No
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31675
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability
because of an error in how the system memory manager handles memory allocation
in relation to Virtual Address Descriptors (VAD).

A successful exploit will let a local attacker completely compromise an
affected computer.

24. Microsoft Windows AFD Driver Local Privilege Escalation Vulnerability
BugTraq ID: 31673
Remote: No
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31673
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability in the
Ancillary Function Driver ('afd.sys').

A successful exploit of this vulnerability will let a local attacker completely
compromise an affected computer.

25. Microsoft Internet Explorer Cross Domain Information Disclosure
Vulnerability
BugTraq ID: 31654
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31654
Summary:
Microsoft Internet Explorer is prone to a cross-domain information-disclosure
vulnerability because the application fails to properly enforce the same-origin
policy.

An attacker can exploit this issue to execute arbitrary script code in another
browser window's security zone. This may allow the attacker to steal
cookie-based authentication credentials and launch other attacks.

26. Microsoft Windows Kernel Unhandled System Call Local Privilege Escalation
Vulnerability
BugTraq ID: 31653
Remote: No
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31653
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability that
occurs in the Windows kernel.

An attacker can exploit this issue to execute arbitrary code with kernel-level
privileges. Successfully exploiting this issue will result in the complete
compromise of affected computers.

27. Microsoft Windows Kernel Memory Corruption Local Privilege Escalation
Vulnerability
BugTraq ID: 31652
Remote: No
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31652
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability that
occurs in the Windows kernel.

An attacker can exploit this issue to execute arbitrary code with kernel-level
privileges. Successfully exploiting this issue will result in the complete
compromise of affected computers.

28. Microsoft Windows Kernel Window Creation Local Privilege Escalation
Vulnerability
BugTraq ID: 31651
Remote: No
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31651
Summary:
Microsoft Windows is prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to execute arbitrary code with kernel-level
privileges. Successfully exploiting this issue will result in the complete
compromise of affected computers.

29. Microsoft Windows SMB Buffer Underflow Code Execution Vulnerability
BugTraq ID: 31647
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31647
Summary:
Microsoft Windows is prone to a remote code execution vulnerability caused by a
buffer-underflow condition in the SMB (Server Message Block) protocol
implementation.

To exploit the issue, an attacker must first successfully authenticate as a
legitimate user or a Guest user on the affected computer. A successful exploit
will completely compromise the affected computer.

30. Microsoft Message Queuing Service RPC Query Heap Corruption Vulnerability
BugTraq ID: 31637
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31637
Summary:
The Microsoft Message Queuing service (MSMQ) is prone to a remote
heap-corruption vulnerability.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level
privileges, facilitating the complete compromise of an affected computer.
Failed exploit attempts will result in a denial-of-service condition.

This issue is exploitable remotely on Windows 2000 systems only. The MSMQ
service is not installed or enabled by default. For a computer to be
exploited, an administrator must have explicitly installed and enabled the
service.

31. Microsoft Host Integration Server RPC Remote Command Execution Vulnerability
BugTraq ID: 31620
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31620
Summary:
Microsoft Windows is prone to a remote command-execution vulnerability in the
SNA service through a remote procedure call (RPC).

Successfully exploiting this issue would allow an attacker to execute arbitrary
commands on an affected computer in the context of the affected service.

32. Microsoft Internet Explorer HTML Objects Uninitialized Memory Corruption
Vulnerability
BugTraq ID: 31618
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31618
Summary:
Microsoft Internet Explorer is prone to a remote memory-corruption
vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of
the user running the application. Successful exploits will compromise the
application and possibly the underlying computer. Failed attacks will cause
denial-of-service conditions.

33. Microsoft Internet Explorer Uninitialized Object Remote Memory Corruption
Vulnerability
BugTraq ID: 31617
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31617
Summary:
Microsoft Internet Explorer is prone to a remote memory-corruption
vulnerability.

34. Microsoft Internet Explorer Event Handling Cross Domain Security Bypass
Vulnerability
BugTraq ID: 31616
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31616
Summary:
Microsoft Internet Explorer is prone to a cross-domain security-bypass
vulnerability because the application fails to properly enforce the same-origin
policy.

An attacker can exploit this issue to execute arbitrary script code in another
browser window's security zone. This may allow attackers to steal cookie-based
authentication credentials and launch other attacks.

NOTE: Attackers exploiting this issue on Internet Explorer 6 SP1 running on
Microsoft Windows 2000 SP4 may leverage the issue to execute remote code. Other
vulnerable versions of the browser are prone only to information disclosure.

35. Microsoft Internet Explorer HTML Element Cross Domain Security Bypass
Vulnerability
BugTraq ID: 31615
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31615
Summary:
Microsoft Internet Explorer is prone to a cross-domain security-bypass
vulnerability because the application fails to properly enforce the same-origin
policy.

36. Microsoft Windows Active Directory LDAP Request Handling Remote Code
Execution Vulnerability
BugTraq ID: 31609
Remote: Yes
Date Published: 2008-10-14
Relevant URL: http://www.securityfocus.com/bid/31609
Summary:
Microsoft Windows Active Directory is prone to a remote code-execution
vulnerability that arises because the application fails to handle specially
crafted LDAP or LDAP over SSL (LDAPS) requests in a proper manner.

Successfully exploiting this issue would allow an attacker to execute arbitrary
code and gain complete access to a vulnerable computer. The attacker may also
be able to cause the affected system to stop responding to further requests and
restart.

This issue affects only Windows 2000 servers configured as Active Directory
domain controllers.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #416
http://www.securityfocus.com/archive/88/497456

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to [EMAIL PROTECTED] from the subscribed
address. The contents of the subject or message body do not matter. You will
receive a confirmation request message to which you will have to answer.
Alternatively you can also visit http://www.securityfocus.com/newsletters and
unsubscribe via the website.

If your email address has changed email [EMAIL PROTECTED] and ask to be
manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by HP:

SecurityFocus Microsoft Newsletter #417

Reply via email to