Security, et al

Randy's Blog on Infosec and Other Stuff Follow @randyfsmith

« Commentary and analysis p... | Zero Day Vulnerability in... »

You’ve got 2 weeks to patch Outlook Web Access

Wed, 14 Jun 2006 15:30:04 GMT

That’s how long Austrian based SEC Consult plans to give you to load MS06-029 - Vulnerability in Microsoft Exchange Server Running Outlook Web Access Could Allow Script Injection (912442) before they release vulnerability and exploit details. My recommendation on this patch remains unchanged: "Patch ASAP".

SEC Consult claims to have discovered the vulnerabilty and notified Microsoft way back on October 27, 2005.

Interestingly, the SEC Consult advisory makes the point that Internet Explorer handles risks like this better than Firefox and other browsers. Here’s a link to the SEC Consult advisory:

http://www.sec-consult.com/268.html

email this • digg • reddit • dzone
comments (0) • references (0)

Comments disabled

Archive

Upcoming Webinars

Anatomy of a Cloud Hack: The Cloudflare/Okta Compromise – A Story of Tokens, Lateral Movement, Persistence and the Salvation of Zero Trust and Hard MFA Tokens

Additional Resources

User name:
Password:
	/ Forgot?
	Register

April 2024 Patch Tuesday	"Patch Tuesday - One Zero Day and Record Number of Patches! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.