Security, et al

Randy's Blog on Infosec and Other Stuff

«  Commentary and analysis p... | Zero Day Vulnerability in... »

You’ve got 2 weeks to patch Outlook Web Access

Wed, 14 Jun 2006 15:30:04 GMT

That’s how long Austrian based SEC Consult plans to give you to load MS06-029 - Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442) before they release vulnerability and exploit details. My recommendation on this patch remains unchanged: "Patch ASAP".

SEC Consult claims to have discovered the vulnerabilty and notified Microsoft way back on October 27, 2005.

Interestingly, the SEC Consult advisory makes the point that Internet Explorer handles risks like this better than Firefox and other browsers. Here’s a link to the SEC Consult advisory:

http://www.sec-consult.com/268.html

email this digg reddit dzone
comments (0)references (0)

Related:
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
5 Indicators of Endpoint Evil
Live with Dell at RSA 2015
Anatomy of a Hack Disrupted: How one of SIEM’s out-of-the-box rules caught an intrusion and beyond

Comments disabled

powered by Bloget™

Search


Categories
Recent Blogs
Archive


 

Additional Resources