subject:"\[Full\-disclosure\] iDefense Security Advisory 10.09.07\:Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow"

Re: [Full-disclosure] iDefense Security Advisory 10.09.07:Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow

2007-10-10 Thread gjgowey

ssage- From: Nick FitzGerald <[EMAIL PROTECTED]> Date: Wed, 10 Oct 2007 21:15:57 To:[EMAIL PROTECTED], full-disclosure@lists.grok.org.uk,[EMAIL PROTECTED] Subject: Re: [Full-disclosure] iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol He

Re: [Full-disclosure] iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow

2007-10-10 Thread Nick FitzGerald

iDefense Labs wrote: <<...>> > V. WORKAROUND > > Deleting the all sub-keys of the following registry keys will remove the > 'news' and 'snews' protocol handlers: > > HKEY_CLASSES_ROOT\news\shell > HKEY_CLASSES_ROOT\snews\shell If you want to do a thorough job of such mitigation as a Q&D fix

[Full-disclosure] iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow

2007-10-09 Thread iDefense Labs

Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow iDefense Security Advisory 10.09.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 09, 2007 I. BACKGROUND Microsoft Windows Mail and Outlook Express are the default mail and news clients for Windows operating syst