|
Posted by =?Utf-8?B?TWljayBKZW5uaW5ncw== on May 17, 2007, 4:10 am
If you were Registered and logged in, you could reply and use other advanced thread options
"Newell White" wrote:
> 1) Can't help
>
> 2) Configure e-mail client to show all messages as text, not html. Copy and
> paste text version of link into web browser address bar. This is known as a
> WYSIWYG hyperlink, and is preferable to a blind jump into hyperspace!
> --
> Newell White
>
>
> "Mick Jennings" wrote:
>
> > Hi all,
> >
> > I've recently signed up to receive the MS newsletters and alerts so that I
> > can start to learn more about security issues in depth. Once I'm past my SBS
> > exam I intend to take courses in the security side, but for now I'm no
expert
> > and relatively new to the "MS way" ...
> >
> > I received an email this morning claiming to be from Microsoft with the
> > subject "Microsoft Security Bulletin Minor Revisions". It doesn't look
> > professional, beginning with text ...
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > ********************************************************************
> > Title: Microsoft Security Bulletin Minor Revisions
> > Issued: May 16, 2007
> > ********************************************************************
> >
> > Summary
> > =======
> > The following bulletins have undergone a minor revision increment.
> > Please see the appropriate bulletin for more details.
> >
> > * MS07-027
> > * MS07-025
> > * MS07-023
> >
> > Bulletin Information:
> > =====================
> >
> > * MS07-027
> >
> > - http://www.microsoft.com/technet/security/bulletin/ms07-027.mspx
> > - Reason for Revision: Bulletin revised due to an incorrect file
> > name in Arbitrary File Rewrite Vulnerability - CVE-2007-2221
> > killbit table; A new issue discovered with the security
> > update: 937409 The "File Download - Security Warning" dialog
> > box opens when you try to open Internet Explorer 7; Updated
> > file names for Internet Explorer 7
> > - Originally posted: May 8, 2007
> > - Updated: May 16, 2007
> > - Bulletin Severity Rating: Critical
> > - Version: 1.2
> >
> > Anyway - I wondered 2 things ...
> >
> > 1. How do I check that it's actually from Microsoft and not a spoofed send
> > address (I have SBS2003 R2 SP2 installed but I haven't yet configured the
IMF
> > to check the Sender ID - how do I check that manually ?)
> >
> > 2. How do I check that the links in the email actually point to where they
> > say they point to (ok I have IE7 which SHOULD prevent phishing attacks
right?
> > but again I'm interested to know how to assure myself manually)
> >
> > Thanks all. Sorry if these are dumb questions or posted in the wrong place.
| 
XML site map