Carpe Diem: Flaphead.com : MS08-039: Which users are vulnerable to the OWA XSS vulnerability?

News

<script type="text/javascript" src="http://technorati.com/embed/3ni3q36ikc.js"> </script>
This information is provided "AS IS" with no warranties, and confers no rights. Also some of the information contains my views and thoughts.
<script src="http://widgets.technorati.com/t.js" type="text/javascript" charset="UTF-8"></script>
Blog Information Profile for flaphead

Add Me! - Search Engine Optimization

Navigation

Blog Roll

Blog Search Engines

We Blog A Lot

Archives

MS08-039: Which users are vulnerable to the OWA XSS vulnerability?

This makes an interesting read .. Found it up on the Security Vulnerability Research & Defense Blog

Today we released MS08-039 which addressed several XSS vulnerabilities in Microsoft Exchange’s Outlook Web Access component. While this is an update to be applied to the Exchange server, the clients who use OWA are the computers potentially at risk. We’d like to explain a little more about the vulnerability so that you can determine whether you or your organization are at risk.

OWA has two modes: OWA Light (or OWA Basic for Exchange 2003), and OWA Premium. In short, if OWA Light/Basic is used, you are vulnerable to the XSS vulnerability. You can tell whether OWA Light is used via the “Use Outlook Web Access Light” check box in OWA’s logon screen.

...

Posted: 09 July 2008 13:00 by Paul Flaherty

Filed under: MsExchange, Security, Flaphead, Exchange

Comments

Archive » MS08-039: Which users are vulnerable to the OWA XSS vulnerability? said:

PingBack from http://archive.morelyrics.co.uk/2008/07/09/ms08-039-which-users-are-vulnerable-to-the-owa-xss-vulnerability/

# July 9, 2008 15:17

New Comments to this post are disabled

Carpe Diem: Flaphead.com

Recent Posts

Tags