What does this have to do with Exchange, specifically? The HTML is calling a local program. For this exploit to work there has to be either a) a downloaded piece of malware to be called in this fashion or b) the called program has to accept command-line strings.
For (a), there should be none on your Exchange server just by following normal security guidelines (i.e. don't log onto the console just for the heck of it, browse from a workstation not a server, etc). For (b) this is a bit easier but, again, why are you browsing from a server? ----- Original Message ----- From: "Williams Scott CTR" <[EMAIL PROTECTED]> To: "Exchange Discussions" <[EMAIL PROTECTED]> Sent: Thursday, February 28, 2002 11:32 AM Subject: Exchange nightmares > > TECH BRIEFING > > > Want To See Something Scary? > > I thought you might be interested in trying this and then see your hair > stand out. When I tried it just now (Wednesday Feb 27, 11am) it still > worked. It's real too, yikes. This web page opens up a DOS box on your > computer. Someone really interested in destruction would be able to wreak > havoc on everyone visiting them. Or, cracked sites might be equipped with > this doozy on their home page and all their visitors just beheaded. I'm not > sure how you could protect your users against this kind of attack. > Suggestions anyone? > http://www.w2knews.com/rd/rd.cfm?id=020228TB-Scary > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
