Randy's Blog on Infosec and Other Stuff
Commentary and analysis p... |
Zero Day Vulnerability in... »
Wed, 14 Jun 2006 15:30:04 GMT
That’s how long Austrian based SEC Consult plans to give you to load MS06-029 - Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442) before they release vulnerability and exploit details. My recommendation on this patch remains unchanged: "Patch ASAP".
SEC Consult claims to have discovered the vulnerabilty and notified Microsoft way back on October 27, 2005.
Interestingly, the SEC Consult advisory makes the point that Internet Explorer handles risks like this better than Firefox and other browsers. Here’s a link to the SEC Consult advisory:
SolarWinds Log & Event Manager Includes My Favorite Feature in a SIEM…
Crazy Ideas for Combatting Zombies and APTs
Understanding the Difference between “Account Logon” and “Logon/Logoff” Events in the Windows Security Log
powered by Bloget™