Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Another Hole Found in Outlook Web Access
Microsoft says flaw could allow unauthorized users to send and delete e-mail messages.
Joris Evers, IDG News Service
A flaw in the Outlook Web Access module in Microsoft's Exchange 5.5 e-mail system could allow unauthorized access to user's mailboxes, the company warned late Thursday.
The problem lies in the way Outlook Web Access handles inline script in HTML e-mail messages, Microsoft says in a security bulletin. An attacker can get full control over a mailbox when an e-mail message with embedded malicious code is opened using Microsoft's Internet Explorer browser and Outlook Web Access, Microsoft says.
Although the attacker can delete mailbox contents, move messages, and send messages as if they were the user, it isn't possible to send e-mail to addresses in the user's address book, which prevents a mass-mailing attack, Microsoft says.
Outlook Web Access allows users to access their e-mail via the Web, rather than using the Outlook client software on their PC.
Microsoft is having a tough time securing Outlook Web Access. In June it took the company three patches to plug a similar hole. The first and second patches for the hole, which affected both Exchange 2000 Server and Exchange 5.5, left administrators with dysfunctional e-mail systems.
Microsoft, which gives the vulnerability a "moderate" severity rating, urges administrators who have deployed Outlook Web Access to immediately install a patch to fix the flaw. The patch is available from Microsoft's TechNet Web site.
Microsoft's security bulletin can be viewed on the company's Web site.
Full Windows 7 coverage
Acer Laptop Center
- Great year-end deals
for small business! -
Get 24/7 live remote AT&T Tech Support 360* service along with select Lenovo* PCs (with Intel® Core™ 2 Duo processors) and save up to 200!
-
HP EliteBook* 6930p Notebook with Intel® vPro™ technology and a free HP Basic Docking Station - $641 instant savings!
- *Other names and brands may be claimed as the property of others. ©2009 Intel Corporation. Intel, the Intel logo, vPro and Core trademarks of Intel Corporation in the United States and other countries. All rights reserved.
Dell End of Year Deals
-
Ring in the New Year with Huge Deals on Dell Computers Up to 30% Popular Dell Laptops, up to 25% off Popular Dell Desktops. Sales ends 12/31 5AM EST.
People who read this also read:
Best Prices on System Utilities
Parallels Desktop 4.0 for Mac (Full Product)Price: $49.99
Fusion 3Price: $69.99
Norton Partition Magic 8.0 Rev1RetailPrice: $49.99
Registry Mechanic 8Price: $22.50
Prosoft Drive Genius 2Price: $49.88
2009 ProfessionalPrice: $29.00
-
Perfect Printing Solutions Find just the right All-in-One Printer for you from HP. Visit the HP Resource Center.
-
Acer Laptop Center Forget the Mouse...check out the next generation multi-gesture touch screen technology from Acer.
-
Dell Shopping Center Check out great deals from Dell!
