This solution applies to all Barracuda Spam Firewalls configured to work with Microsoft Exchange.
Transport Neutral Encapsulation Format (TNEF) is an attachment encapsulation method used by Microsoft messaging products, including Exchange Server and Office Outlook. TNEF encoded attachments often contain functional elements or other executable components that might be activated as the message passes through a Microsoft messaging infrastructure.
Microsoft has identified and patched a defect in its messaging software that would allow an attacker to use specially crafted TNEF data to gain elevated privileges on an affected computer. (See URL below for more information from Microsoft)
Barracuda Networks recommends all customers using Microsoft messaging products to stay up-to-date with software patches.
However, it is also possible to configure the Barracuda Spam Firewall to block TNEF attacks by blocking attachments with the ‘.dat’ file extension. See Solution #00002993 for more information on file attachment blocking. Be advised that blocking such attachments might reduce functionality of messages originating from Microsoft messaging software.
Link to this page: