Microsoft Plugs Hole In Exchange

KingFishKingFish
edited August 2004 in Science & Tech
Microsoft published a patch Tuesday for its Exchange 5.5 e-mail and collaboration server software, fixing a flaw graded as "moderate," the second-lowest of four ratings.
The vulnerability revealed in Tuesday's advisory could be exploited to target people using the Web e-mail component for Exchange, called Outlook Web Access, Microsoft said. An attacker with an account on a company's Exchange server could create a script that, when run by an OWA user on the same server, would give access to the victim's e-mail boxes and information. The flaw also allows the malicious programmer to place spoofed content, such as fake graphics and Web pages, in the server's cache of Web content.
Source: ZDNet
Sign In or Register to comment.