Honestly, I'm not sure either. Our Microsoft TAM couldn't give us details either, but they all seem to be agreeing that Exchange is vulnerable itself.
It worries me enough to step up patching on the Exchange side of the house.
With the ability to 'rollback' patches and uninstall 'Hotfixes' these days, I would suggest that everyone look into SUS/WUS for their MS environments.
Automating the basics of patch management is the way to go. SUS is free and easy to set up. Highly controllable through GPO or the old-fashioned way with registry edits. You can find a lot of tools and support at www.susserver.com. By far one of the most useful SUS/WUS sites on the net. It is loaded with tutorials and tools that make setup/install/maintenance a breeze.
Just another way to keep in step or one step ahead of the game. And we all know that helps given the pace we are forced to play.
I guess what I'm hung up on is the line:

Quote:
On Exchange Server 5.0, Exchange Server 5.5, Exchange 2000 Server, and Exchange Server 2003 any anonymous user who could deliver a specially crafted message to the affected system could try to exploit this vulnerability.

The comment about requiring user interaction is not tied to Exchange but rather the OS:

Quote:
User interaction is required to exploit this vulnerability on Windows 2000, Windows XP, and Windows Server 2003.

...that's how I read it. Maybe I'm splitting hairs here, but this hair is an ugly email worm that could take down Exchange server with simple email.
Call me paranoid! (sigh)
Quote:
Originally posted here by digitalgadfly
With the ability to 'rollback' patches and uninstall 'Hotfixes' these days, I would suggest that everyone look into SUS/WUS for their MS environments.

You're right in principle, however one of these patches, MS05-009, cannot be rolled back according to Microsoft. :(
It's the patch for MSN Messenger for XP SP1 they are referring to.
/snip from their bulletin here http://www.microsoft.com/technet/security/bulletin/MS05-009.mspx

Quote:
Microsoft Windows Messenger 4.7.0.2009 on Windows XP Service Pack 1

So my point is test-test-test (at least as best you can).
You're right about SUS: it's a god-send!
As I said, I'm not sure what the technical details are here. Our Microsoft technical guys even seemed unsure. All they can say is "Exchange vulnerable, patch soon."