MS13-105 – Critical : Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2915705) – Version: 1.1

Severity Rating: Critical
Revision Note: V1.1 (December 10, 2013): Updated the Known Issues entry in the Knowledge Base Article section from “None” to “Yes”.
Summary: This security update resolves three publicly disclosed vulnerabilities and one privately reported vulnerability in Microsoft Exchange Server. The most severe of these vulnerabilities exist in the WebReady Document Viewing and Data Loss Prevention features of Microsoft Exchange Server. These vulnerabilities could allow remote code execution in the security context of the LocalService account if an attacker sends an email message containing a specially crafted file to a user on an affected Exchange server. The LocalService account has minimum privileges on the local system and presents anonymous credentials on the network.

Powered by WPeMatico

Leave a Reply

Your email address will not be published. Required fields are marked *

* Copy This Password *

* Type Or Paste Password Here *

29,608 Spam Comments Blocked so far by Spam Free Wordpress