Blog Post

Exchange Team Blog
1 MIN READ

MS05-021: Vulnerability in Exchange Server Could Allow Remote Code Execution (KB:894549)

The_Exchange_Team's avatar
Apr 13, 2005

An Exchange Server related security bulletin was released today. Here are some details; please go and get the patches that apply to your Exchange version!

Issued: April 12, 2005

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately.

Affected Software:

    • Microsoft Exchange 2000 Server Service Pack 3
 
    • Microsoft Exchange Server 2003
 
    • Microsoft Exchange Server 2003 Service Pack 1
 
Non-Affected Software:

    • Microsoft Exchange Server 5.5 Service Pack 4
 
    • Microsoft Exchange Server 5.0 Service Pack 2
 
Please go here for more information and links to get the updates!

- Nino Bilic

Updated Jul 01, 2019
Version 2.0
  • There appears to be an error in KB894549. The Exchange 2000 SP3 update instructions link to Exchange 2000 Post-SP3 Rollup Patch 6487.1 as a pre-req. Actually, the critical update in KB894549 won't install unless you have Exchange 2000 Post-SP3 Rollup Patch 6603.1 (KB870540).