Microsoft Fixes Exchange Server Flaw
Its regular monthly security update patches a "moderate" flaw in Outlook Web Access for Microsoft Exchange Server 5.5.
Microsoft released its security bulletin for August. The software maker Tuesday issued Microsoft Security Bulletin MS04-026, which addresses a "moderate" flaw in Outlook Web Access for Microsoft Exchange Server 5.5.
The flaw is what's known as a cross-site scripting and spoofing vulnerability, which makes it possible for an attacker to trick a user into running a malicious script on a victim's system. According to Microsoft's bulletin, if successful, an attacker could manipulate a Web browser and certain proxy server caches to place content of his or her choice within those Internet caches.
In its bulletin, Microsoft warns that users who created customized ASP pages should back up those pages before applying the update. Applying the update will overwrite the customized pages.
The Microsoft security bulletin is available here.
About the Author
You May Also Like