Slashdot Mirror

← Back to Stories (view on slashdot.org)

MS Critical Patch Fixes 8 Vulnerabilities

Posted by CmdrTaco on from the your-server-is-sick dept.

nandemoari writes "A hole allowing hackers to take control of Microsoft Exchange was just one 'critical' issue the Redmond-based company promises it has fixed with a patch correcting a total of eight vulnerabilities in its programs, including the Internet Explorer browser, Office, and its SQL Server. Three of the eight vulnerabilities patched yesterday were marked 'critical.' The most concerning is an issue with Exchange that would allow attackers to take over an Exchange server by simply forwarding a carefully crafted message to a corporate mail server. Microsoft has admitted that the vulnerability can be exploited when a user opens or previews an email in the Transport Neutral Encapsulation Format (TNEF)."

10 of 202 comments (clear)

  1. Doesn't Sound so Bad by segedunum · · Score: 5, Funny

    Many people would love to outsource management of Exchange server, and it's even better if someone wants to do it for free.

  2. Stop spreading FUD by Fred_A · · Score: 4, Funny

    It's all closed source, so there aren't any real vulnerabilities. Even the certified professionals say so. They're certified what more do you need !

    As if you could spread havoc through email on a proprietary system. Bah.

    --

    May contain traces of nut.
    Made from the freshest electrons.
    1. Re:Stop spreading FUD by Fred_A · · Score: 4, Funny

      We DON'T want to know what demonic code is stored in the source files on some secure Microsoft server up in Redmond.

      Hmmm...

      Did you know that if you boot Windows backwards you can hear satanic APIs ?

      --

      May contain traces of nut.
      Made from the freshest electrons.
  3. Re:Oddly enough... by whyareallthenamestak · · Score: 5, Funny

    *For you yungins, go look up Kelly Bundy and the above phrase.

    I just did. The top result is your post!

  4. Re:Its really time to spread the word: by techamed · · Score: 2, Funny

    Hang on I'll send an email

  5. Re:Oddly enough... by Anonymous Coward · · Score: 3, Funny

    And the next thing we will hear is that Kelly Bundy has been citing smooth wombat for all these years.

  6. Re:Is it that easy? by SatanicPuppy · · Score: 3, Funny

    Wow, you have a firewall that stops email from getting to a mail server! I gotta get me one of those...It would reduce my workload by 95%! Since I don't answer any of my phones, the only way people could contact me with problems would be by ambushing me on the way to the bathroom.

    It would keep the CEO from ever contacting me, that's for sure. God knows he'd never be caught down here with people who do work.

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
  7. So.... by Trashman · · Score: 5, Funny

    ....What "carefully crafted message" would I need to send to take over an Exchange Server?

    To: ExchangeServer@company.com
    Subject: H3ll0

    I 0wn you Now. Please reply back with passwords.

    Regards,
    Hax0r

    --
    Do not read this .sig
  8. Oblig. Quote by Anonymous Coward · · Score: 4, Funny

    That's nothing! If you boot Windows forwards, it loads Windows!

  9. Re:We installed it ... by lukas84 · · Score: 4, Funny

    Yes, they should. Namely by you. In your testing environment. Before deploying it to production.