lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 15 Dec 2015 20:47:47 +0000
From: Haifei Li <>
To: "" <>,
 "" <>, ""
 <>, ""
Subject: [FD] #BadWinmail: The "Enterprise Killer" Attack Vector in
 Microsoft Outlook

Hi All,
I have released a paper & demo describing a novel/serious attack vector I discovered in Microsoft Outlook.
--ConclusionIn this report, the author disclosed a novel attack vector to attack Outlook users via emails, which theauthor named as BadWinmail. Specifically, we disclosed that a Flash (or other types of) exploit can bepacked and delivered via a TNEF email (or MSG attachment). The most serious impact is that the exploitwill get executed as long as the Outlook user reads/previews the attacking email. Because there is nosandbox on Outlook, it allows the attacker to take control of the victim’s computer immediately.
BadWinmail is an ideal attacking technique for targeted/APT attacks because of its severity and thenature of email-based attacks - all the attacker needs to know is the victim’s email address. It’s a “killer”exploit-delivering method as usual tricks such as delivering via email attachments or delivering via URLs(in email bodies) require additional user interactions and are protected by various applicationsandboxes. It’s also a wormable issue rarely seen on Windows platform nowadays.--

Sent through the Full Disclosure mailing list
Web Archives & RSS:

Powered by blists - more mailing lists