Site Directory
Membership
Train-the-Trainer
Trainer Certification
Certified Training Materials
ITinfo E-zine
Responsible Training
White Papers
Trainer Resources
What's New
Speaking Engagements
Onsite Training
ITrain Gear
Popular Links
Speaking Engagements
Training Manuals
Certification
Train the Trainer
The Training Book
Technical Writing
Privacy Policy
MS Exchange Leaks Email
Security hole needs patching -- fast!
ITinfo Sponsor
ERROR: Random File Unopenable
The file was not found on your file system. This means that it has either not been created or the path you have specified in $trrandom_file is incorrect.
Microsoft Exchange 2000 Security Hole
by Dave MurphyISSN 1535-3613
Microsoft revealed a security hole in its Exchange 2000 mail server that allows crackers to target corporate email resources, including accessing, modifying, and deleting individual employee email messages. User's of Microsoft Outlook Web Access, the program grants email access via a web browser are at risk.
To exploit the flaw, an attacker would have to create a special text attachment that includes HTML code and scripts. While the attachment would appear to be a text file to the recipient, once opened, the script would automatically execute without notification. Windows normally notifies users that a script has been included in an incoming email message; however, in this case, Windows won't flag the user.
Microsoft has released a patch that covers this security hole.
Call for Comments
What do you think? Leave your comments on the message center
References
MicrosoftMessage Center
Previous issues are on our website at http://itrain.org/itinfo/.
International Association of Information Technology Trainers
PMB 616
6030-M Marshalee Dr
Elkridge, MD 21075-5987
410.567.5366
1.888.290.6200
fax: 801.650.0423
Membership Director: member@itrain.org
Copyright © 2001 International Association of Information Technology Trainers, Ltd., All Rights Reserved
http://itrain.org/itinfo/2001/it010607.html
updated June 7, 2001