Recently Microsoft Outlook Express users were attacked once again. These new attacks were made through vulnerability caused by a boundary error within the processing of Windows Address Book files (.wab). This vulnerability can be exploited to cause a buffer overflow by tricking a user into opening a specially crafted WAB file. Successful exploitation allows execution of arbitrary code.
RITLabs is impatient to inform its clients that The Bat! has its own address book format, which makes it impossible for malicious people to make use of the described intruding scheme. That’s why The Bat! users should not be afraid of this new vulnerability.
Information about this vulnerability: