Microsoft Security Bulletins

Microsoft released their monthly securty bulletins identifying yet another cross-site scripting error, this time with the beleagured Outlook Web Access (OWA) in Exchange 5.5. OWA has a long history of issues. I don’t think that exposing Exchange via an HTML interface is a good idea. SMTP and POP with authentication, SSL, passwords and perhaps VPNs offer a far more secure way for clients to access Exchange remotely. Better yet, find a secure mail server. for more details.

The second email I got was a “re-release” of MS04-020 showing that more products are affected. If you are running INTERIX 2.2 (what’s that?), you’ll want to review the bulletin at

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.