I think Mark might be onto something both the vml and the copies of
named files in the temp folder no longer appear to occur:

http://www.securityfocus.com/bid/10323
http://www.securityfocus.com/bid/10307

Those notes are dated 10th and 11th May. On the machine they no longer
work on, we have a couple XP so-called 'patches' from 14th May and
17th May with a 3 or 4 office update folders with files created on
17th May as well.

How's that for service. Quick, silent patching ! No need to bother
anyone ! Well done lads.

[unless of course if our little XP test machines are broken and we are
seeing things]

"Spencer, Mark" <mspencer@xxxxxxxxxxxxxxx> said:

> Hello,
>
> A coworker and I spent much of the day yesterday trying to replicate
> this behavior and we were not able to do so. The only time we can get
> Outlook 2003 to pull anything from our server with this code is when we
> send the email within our own MS Exchange. We've tried multiple
> clients, multiple SMTP servers, and many variations of the code below
> and have not been successful, other than emails sent between Exchange
> users.
>
> I have not seen any other comments on this issue. Is it possible
> Microsoft has already patched Outlook 2003 to only allow this behavior
> when dealing with a trusted zone?
>
> Mark
>
> -----Original Message-----
> From: http-equiv@xxxxxxxxxx [mailto:1@xxxxxxxxxxx]
> Sent: Tuesday, May 11, 2004 8:42 AM
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Cc: NTBugtraq@xxxxxxxxxxxxxxxxxxxxxx
> Subject: PING: Outlook 2003 Spam
>
> Tuesday, May 11, 2004
>
> Outlook 2003 the premier mail client from the company called 'Microsoft'
> certainly appears to have a lot of security features built into it.
> Cursory examination shows excellent thought into 'spam' containment,
> 'security' consideration and many other little 'things'. So much so the
> default rendering of html is in so-called 'restricted zone' which
> disallows nearly everything [frames, iframes, objects, scripting etc.].
> In addition 'special' spam measures are taken to disallow graphic
> downloads from a remote server in html email which can be used to verify
> recipients:
>
> [screen shot: http://www.malware.com/duhlook.png 40KB]
>
> The Key Word is: nearly
>
> Utilising Outlook's own bizarre scheMAH ! which comprises a 'proper'
> frame along with an src pointing to our remote server, we are able to
> ping the server and confirm our recipient has viewed our email. We don't
> require graphics or frames or iframes to do that:
>
> <v:vml frame style="LEFT: 50px; WIDTH: 300px; POSITION:
> relative; TOP: 30px; HEIGHT: 200px"
> src = "http://www.malware.com/duh.txt#malware"></v:vmlframe>
>
> <HTML>
> <HEAD>
> <STYLE>
> v\:* { behavior: url(#default#VML); }
> </STYLE>
> <XML:NAMESPACE NS="urn:schemas-microsoft-com:vml" PREFIX="v"/> </HEAD>
>
> Notes:
>
> 1. We now commence our examination of the Microsoft Office 2003 suite,
>    we're a bit late, but it has taken all this time to save up to buy
>    the thing
> 2. Quick 72 hour prodding reveals that this 'perceived' premier device
>    known as Outlook 2003 is in fact riddled with holes
> 3. Do not receive or open any emails period. Use string and tin cans if
>    you must communicate
>
> End Call
>
> --
> http://www.malware.com

--
http://www.malware.com
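
Added example, not part of the original thread or either poster's code: the quoted post's point is that blocking remote fetches by element name (graphics, frames, iframes) misses an unfamiliar element that carries a src. This Python check generalises that one case by listing every remote src/background reference in a message's HTML parts, whatever the tag, and separating out those a tag-name list would not cover. The sample message, the example.invalid hosts and the KNOWN_FETCHERS list are constructed assumptions.

```python
from email import message_from_string, policy
from html.parser import HTMLParser

# Assumption: element names a tag-based "block remote content" filter covers.
KNOWN_FETCHERS = {"img", "iframe", "frame", "script", "object", "embed"}
FETCH_ATTRS = {"src", "background"}

# Constructed sample; the v:vmlframe name comes from the quoted post's closing tag.
SAMPLE = """\
From: sender@example.invalid
Subject: constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"

<html><body>
<img src="cid:logo@example.invalid">
<img src="http://t.example.invalid/pixel.gif">
<a href="http://example.invalid/">link</a>
<v:vmlframe style="WIDTH: 300px" src = "http://t.example.invalid/duh.txt#id"></v:vmlframe>
</body></html>
"""

class RemoteRefFinder(HTMLParser):
    """Collect (tag, attribute, url) for attributes naming a remote resource."""

    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            url = (value or "").strip()
            if name in FETCH_ATTRS and url.lower().startswith(("http://", "https://", "//")):
                self.refs.append((tag, name, url))

def remote_refs(raw_message):
    """Remote references in every text/html part of an RFC 5322 message."""
    msg = message_from_string(raw_message, policy=policy.default)
    finder = RemoteRefFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    finder.close()
    return finder.refs

def unexpected_refs(raw_message):
    """References on elements outside KNOWN_FETCHERS, i.e. what a tag list misses."""
    return [ref for ref in remote_refs(raw_message) if ref[0] not in KNOWN_FETCHERS]
```

Run over a mail store or gateway quarantine, a non-empty unexpected_refs() result marks messages worth reviewing and element names worth adding to the filter.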