Rui J.M. Silva Blog RSS

All Blogs  »  Rui J.M. Silva Blog  »  EHLO  »  Blog article: Vulnerability in Exchange/OWA

Vulnerability in Exchange/OWA

Microsoft published recently security bulletin MS06-029, which describes a new vulnerability that can affect Exchange Server 2000 and 2003. This vulnerability could allow script injection when Exchange Server runs Outlook Web Access. An attacker could exploit the vulnerability by constructing an e-mail message with a specially crafted script. If this specially crafted script is run, it would execute in the security context of the user on the client. More information in the following links:

There are patches available for Exchange 2000 SP3, Exchange 2003 SP1 and Exchange 2003 SP2, but be warned that the installation of these security updates can break third party services such as BlackBerry or GodLink.

Technorati : , ,
Del.icio.us : , ,

This entry was posted on Friday, June 16th, 2006 at 6:31 am and is filed under EHLO. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)

You must read and type the 5 chars within 0..9 and A..F, and submit the form.

  

If CAPTCHA image is missing or you cannot read the characters above, please generate a




Receive all the latest articles by email!

Receive Real-Time & Monthly MSExchange.org article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become an MSExchange.org member!

Discuss your Exchange Server issues with thousands of other Exchange experts. Click here to join!

Solution Center