[Microsoft Alert] Microsoft Security Bulletin MS06-019
Vulnerability in Microsoft Exchange Could Allow Remote Code
Execution (916803)
Issued: May 9, 2006
Version: 1.0
Summary
Who should read this document: System administrators who use Microsoft Exchange
Impact of Vulnerability: Remote Code Execution
Maximum Severity Rating: Critical
Recommendation: Customers should apply the update immediately.
Security Update Replacement: This bulletin replaces a prior security update. See the frequently asked questions (FAQ) section of this bulletin for the complete list.
Vulnerability Details:
This update resolves a newly-discovered, privately-reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin.
An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
We recommend that customers apply the update immediately.
Affected Software:
Microsoft Exchange Server 2000 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004
Microsoft Exchange Server 2003 Service Pack 1
Microsoft Exchange Server 2003 Service Pack 2
References: http://www.microsoft.com/security/bulletins/current.mspx (Microsoft Security Updates)
