As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

Use Exchange? Read this (critical vulnerability)

GrimReaperGrimReaper Registered User regular
There are two new security issues with MS Exchange server (2000 to 2007) that are pretty damn big.

See here.

Essentially this allows remote exploitation of Exchange.

If you are running an Exchange server then get it patched immediately.

Like all MS security bulletins it is vague to the nth degree, so I'm unsure if an SMTP proxy might prevent this. Otherwise it is good practice to have an SMTP proxy with an IDS sitting between the internet and your email server.

PSN | Steam
---
I've got a spare copy of Portal, if anyone wants it message me.
GrimReaper on

Posts

  • exoplasmexoplasm Gainfully Employed Near Blizzard HQRegistered User regular
    edited February 2009
    The link doesn't work.

    Does this affect most hosted exchange services?

    exoplasm on
    1029386-1.png
    SC2 NA: exoplasm.519 | PA SC2 Mumble Server | My Website | My Stream
  • darkgruedarkgrue Registered User regular
    edited February 2009
    exoplasm wrote: »
    Does this affect most hosted exchange services?

    Link works fine for me. Goes to the Microsoft Security Bulletin MS09-003 on TechNet.
    exoplasm wrote: »
    Does this affect most hosted exchange services?

    If the hosted service isn't patching, yes. The patch was released yesterday (10 Feb 2009). Since a lot of hosting services don't necessarily patch auomatically (or in some cases, at all), it could be a valid concern.

    darkgrue on
  • GrimReaperGrimReaper Registered User regular
    edited February 2009
    darkgrue wrote: »
    exoplasm wrote: »
    Does this affect most hosted exchange services?

    Link works fine for me. Goes to the Microsoft Security Bulletin MS09-003 on TechNet.
    exoplasm wrote: »
    Does this affect most hosted exchange services?

    If the hosted service isn't patching, yes. The patch was released yesterday (10 Feb 2009). Since a lot of hosting services don't necessarily patch auomatically (or in some cases, at all), it could be a valid concern.

    Yes, since the hosted service is using Exchange if they don't patch then the server is screwed the moment an exploit appears. Frankly I wouldn't be surprised if there is already an exploit in the wild.

    Also, an SMTP proxy does not prevent this from occurring. I can't remember the exact detail but on receiving a specially crafted email exchange parses some specific information in the email at which point the server gets exploited.

    This is probably the most serious exploit of Exchange I've ever seen.

    GrimReaper on
    PSN | Steam
    ---
    I've got a spare copy of Portal, if anyone wants it message me.
Sign In or Register to comment.