Vulnerability in Exchange Server 2003 Could Lead ...

Who should read this document: System administrators who have servers that are running Microsoft® Outlook® Web Access for Microsoft Exchange Server 2003

Impact of vulnerability: Elevation of Privilege

Maximum Severity Rating: Moderate

Recommendation: System administrators should install this security update on all front-end servers that are running Outlook Web Access for Exchange Server 2003. Microsoft also recommends installing this security update on all other Exchange 2003 servers so that they will be protected if they are later designated as front end servers.

Security Update Replacement: None

Caveats: Apply the update when a disruption in OWA and Simple Mail Transfer Protocol (SMTP) mail flow and other Internet Information Services (IIS) applications is acceptable.

Tested Software and Security Update Download Locations:

Affected Software:
Microsoft Exchange Server 2003 - Download the Update

Non Affected Software:
Microsoft Exchange 2000 Server
Microsoft Exchange Server 5.5

The software listed above has been tested to determine if the versions are affected. Other versions either no longer include security patch support or may not be affected. Please review the Microsoft Support Lifecycle Web site to determine the support lifecycle for your product and version.