Microsoft Security Bulletin MS08-039
XSS Vulnerabilities Affect Exchange Servers Running OWA
8 July, 2008
Summary:
This vulnerability affects: Exchange Servers running Outlook Web Access (OWA)
How an attacker exploits it: By enticing one of your users into opening a specially crafted email within an OWA session
Impact: The attacker gains access to the victim’s OWA email account
What to do: Deploy the appropriate Exchange Server patch as soon as possible
Patch Downloads:
Exchange 2003 (KB950159) – http://tinyurl.com/5p2bg7
Exchange 2007 (KB953469) – http://tinyurl.com/5d75t7
Exchange 2007SP1 (KB949870) – http://tinyurl.com/5z9vel
Pingback: Websites tagged "owa" on Postsaver