Security Alerts




Microsoft Patches Critical Flaw in Forefront Protection for Exchange Server

Severity: High Summary: These vulnerabilities affect: ?Forefront Protection 2010 for Exchange Server?(FPE) How an attacker exploits it: By sending a specially crafted email Impact: ?An unauthenticated attacker can execute code with the privileges of the configured service account What to do: Install the FPE update as soon as possible, or let Windows Automatic Update do it for you Exposure: Forefront Protection for Exchange Server (FPE) is an antivirus and anti-spam security product designed to protect Microsoft’s popular Exchange email server.?According to a? bulletin ?released on Patch Day, FPE suffers from an unspecified vulnerability involving the way it parses specially crafted email messages.?By sending a malicious email to a vulnerable Exchange server, an unauthenticated attacker can exploit this vulnerability to execute code on your Exchange server with the configured service account’s privileges. On the surface, this vulnerability sounds quite severe, and it is if exploitable.

Source:
Microsoft Patches Critical Flaw in Forefront Protection for Exchange Server
February 12, 2014 — Category: Security Alerts