Winmail.dat exploit |
Post Reply 
|
| Author | |
Alex99 
Guest Group 
|
 Post Options
 Thanks(0)
 Quote Reply
 Topic: Winmail.dat exploitPosted: 04 November 2005 at 1:32am |
|
Has anyone encountered this file? When an Outlook user composes and sends a message using either Rich Text Format or HTML Format, Outlook automagically generates a file, winmail.dat, and attaches it to the end of the message. winmail.dat contains formatting information, in a human-unreadable form, that Outlook at receiving endl uses to display this email message correctly according to microsoft, winmail.dat file can contain file attachments as well. Don't know exact wording ... is called transparent mime? my questions are: Does spamfilter-antivirus detect viruses in winmail.dat file. Does keyword filter treat "encoded" contents in winmail.dat file?? |
|
 |
|
|
LogSat
Admin Group 
Joined: 25 January 2005 Location: United States Status: Offline Points: 4105 |
Post Options
Thanks(0)
Quote Reply
Posted: 04 November 2005 at 4:58pm |
|
SpamFilter will not look for keywords within winmail.dat. That
attachment contains RTF and other extra pieces of info used by Exchange
servers and Outlook clients. To most other email clients the file is
just an annoying attachment.
You are correct in stating that microsoft may add a message's file attachments to the winmail.dat. I hope for Microsoft that they do not do it often, as probably only their own Outlook client will be able to decode them... Unfortunately we do not have an answer on the antivirus question, as we have yet to find one that has been included in the winmail.dat file. |
|
|
|
Topic Options|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.195 seconds.