So I'm checking the usual vulnerability announcement sources and once again the folks at NISCC have posted info on a beauty. Their NISCC Vulnerability Advisory 693564/NISCC/FOLDERSHARE - Security Implications of the FolderShare Program details huge vulnerabilities (https tunnel, EFS bypassing, and more) in FolderShare, an "add-in tool for Microsoft Desktop Search" which enables "remote access to files stored on Windows and Mac OS X based computers.".
MS's KB "Best practices and security issues to consider when you use FolderShare" is weak, it's only useful recommendation is;
"you can effectively block outgoing traffic to FolderShare. To permanently block the FolderShare satellite from running in a particular environment, block access to the following host name on port TCP/443:
The folks at NISCC credit "Ben Rexworthy of Securinet UK and white-hats.co.uk for reporting these issues to NISCC".
Sep 21st 2006
1 decade ago