MS07-026: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)

An Exchange Server related security bulletin was released, here are some details; please go and get the patches that apply to your Exchange version! Issued: May 08, 2007 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Recommendation: Customers should apply the update immediately Security Update Replacement: This bulletin replaces two prior security updates. See the […]

An Exchange Server related security bulletin was released, here are some details; please go and get the patches that apply to your Exchange version!

Issued: May 08, 2007

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately

Security Update Replacement: This bulletin replaces two prior security updates. See the Frequently Asked Questions (FAQ) section of the bulletin for details.

Affected Software:

  • Microsoft Exchange 2000 Server Service Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004
  • Microsoft Exchange Server 2003 Service Pack 1
  • Microsoft Exchange Server 2003 Service Pack 2
  • Microsoft Exchange Server 2007

Please go here for more information and links to get the updates!

Additionally, you can read about all patches released yesterday on the Microsoft Security Response Center (MSRC) blog.

One additional note about those fixes for Exchange 2000 and 2003. Please be aware that those fixes include the "Send As" behavior change as discussed in this KB article. Functionality of your 3rd party applications might be affected. Please make sure to check the article 912918!

Microsoft, Exchange 2007, Exchange 2003, Server, Security, Patch, Updates, MS07-026, Vulnerability, Microsoft Exchange, Remote Code Execution, 931832