Your IT Consultant
Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.
Microsoft Exchange 2013 Bug Fix
September 30, 2015
Microsoft recently released a patch to fix a vulnerability in Exchange 2013. The vulnerability is with Outlook Web Access (OWA) where an attacker can force the Microsoft Exchange Server to dump debug data on the screen by accessing a maliciously crafted URL. You can then sift through the data to get enough information that would allow access to active OWA sessions. The problem has been fixed in MS15-103 so make sure you apply the fix.
E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com