Severity: Medium
Summary:
- These vulnerabilities affect: Exchange Server 2007 and 2010
- How an attacker exploits it: By enticing a user to preview a specially crafted attachment within an email
- Impact: An attacker can execute code with the restricted privileges of the LocalService account
- What to do: Deploy the appropriate Exchange Server update as soon as possible, or let Windows Automatic Update do it for you
Exposure:
Microsoft Exchange is one of the most popular email servers used today. It includes many advanced features and capabilities. One such feature, called WebReady Document Viewing, allows your email users to preview attached documents as web pages. Exchange leverages Oracle’s Outside In technology to parse these documents and provide these previews.
Unfortunately, Oracle recently found a number of vulnerabilities in their Outside In libraries, which they fixed during their quarterly Critical Patch Update (CPU) last July. In early August, Microsoft realized Exchange was also affected by Oracle’s Outside In vulnerabilities, and they released a security advisory warning their customers about it (we highlighted this advisory in WatchGuard Security Week in Review a few weeks ago). Though Microsoft’s advisory provided a workaround for the issue, it didn’t completely fix it.
Today’s Exchange security bulletin does completely resolve the Oracle Outside In vulnerabilities within Exchange.
In a nutshell, the Outside In libraries that Exchange leverages suffer from a number of code execution vulnerabilities having to do with how they parse various types of files. By enticing one of your email users to preview a specially crafted document attached to an email, an attacker can exploit any of these flaws to execute code directly on your Exchange server. Luckily, the code only executes with the permissions of the LocalService account, which has very limited privileges. Nonetheless, we recommend Exchange administrators update as soon as possible.
Solution Path:
Microsoft has released Exchange updates to correct these vulnerabilities. You should download, test, and deploy the appropriate update as soon as possible, or let Windows Update do it for you. You can find the updates in the “Affected and Non-Affected Software” section of Microsoft’s Exchange bulletin.
For All WatchGuard Users:
If you like, you can configure WatchGuard’s security appliances to block or strip the document types necessary for attackers to exploit these vulnerabilities. However, some of the affected documents include ones that most administrators prefer to allow, such as Word and PDF documents. Therefore, we recommend you apply the patches instead.
Status:
Microsoft has released patches to fix these vulnerabilities.