WARNING: Serious Microsoft Outlook Bug

Posted on Friday 13 January 2006

If you thought that the WMF (Windows MetaFile) bug was bad… there’s another bug that is far worse. The flaw is in the way Exchange, Microsoft’s e-mail server, and Outlook communicate. I’ll post the most relevant quote from the article. The original article can be found here.

“All that’s required to exploit this is an e-mail message,” said Litchfield. No user interaction is needed to compromise an Exchange 5.0, 5.5, or 2000 server; all that’s necessary is to deliver a maliciously-crafted e-mail to the server.

It’s that characteristic, as well as the ease with which an attack could spread, that has Litchfield so worried.

“You could take over an Exchange server with a single, simple e-mail,” he said. “From there you could target all the clients accessing that server. You would ‘own’ any Outlook client that connects to that server. Then an attacker could grab the Outlook users’ address books.

“If you did it right, you could own every Outlook user in the world within a week,” he said.

The only version of Exchange that is not vulnerable is the latest, Exchange 2003. All previous versions are still vulnerable, as are all versions of Outlook, including the latest.

