%3CLINGO-SUB%20id%3D%22lingo-sub-609398%22%20slang%3D%22en-US%22%3EMS05-021%3A%20Vulnerability%20in%20Exchange%20Server%20Could%20Allow%20Remote%20Code%20Execution%20(KB%3A894549)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-609398%22%20slang%3D%22en-US%22%3E%3CP%3E%3C%2FP%3E%3CP%3E%3CFONT%20face%3D%22Verdana%22%20size%3D%222%22%3EAn%20Exchange%20Server%20related%20security%20bulletin%20was%20released%20today.%20Here%20are%20some%20details%3B%20please%20go%20and%26nbsp%3Bget%20the%20patches%20that%20apply%20to%20your%20Exchange%20version!%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20face%3D%22Verdana%22%20size%3D%222%22%3E%3CSTRONG%3EIssued%3A%3C%2FSTRONG%3E%20April%2012%2C%202005%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20face%3D%22Verdana%22%20size%3D%222%22%3E%3CSTRONG%3EImpact%20of%20Vulnerability%3A%3C%2FSTRONG%3E%20Remote%20Code%20Execution%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20face%3D%22Verdana%22%20size%3D%222%22%3EMaximum%20Severity%20Rating%3A%20%3CSTRONG%3E%3CFONT%20color%3D%22%23ff0000%22%3E%3CSTRONG%3ECritical%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20face%3D%22Verdana%22%20size%3D%222%22%3E%3CSTRONG%3ERecommendation%3A%3C%2FSTRONG%3E%20Customers%20should%20apply%20the%20update%20immediately.%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20face%3D%22Verdana%22%20size%3D%222%22%3E%3CSTRONG%3EAffected%20Software%3A%3C%2FSTRONG%3E%20%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20face%3D%22Verdana%22%20size%3D%222%22%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%E2%80%A2%20Microsoft%20Exchange%202000%20Server%20Service%20Pack%203%3CBR%20%2F%3E%26nbsp%3B%3CBR%20%2F%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%E2%80%A2%20Microsoft%20Exchange%20Server%202003%3CBR%20%2F%3E%26nbsp%3B%3CBR%20%2F%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%E2%80%A2%20Microsoft%20Exchange%20Server%202003%20Service%20Pack%201%3CBR%20%2F%3E%26nbsp%3B%3CBR%20%2F%3E%3CSTRONG%3ENon-Affected%20Software%3A%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20face%3D%22Verdana%22%20size%3D%222%22%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%E2%80%A2%20Microsoft%20Exchange%20Server%205.5%20Service%20Pack%204%3CBR%20%2F%3E%26nbsp%3B%3CBR%20%2F%3E%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%E2%80%A2%20Microsoft%20Exchange%20Server%205.0%20Service%20Pack%202%3CBR%20%2F%3E%26nbsp%3B%3CBR%20%2F%3E%3CA%20href%3D%22http%3A%2F%2Fwww.microsoft.com%2Ftechnet%2Fsecurity%2FBulletin%2FMS05-021.mspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CFONT%20color%3D%22%230000ff%22%3EPlease%20go%20here%20for%20more%20information%20and%20links%20to%20get%20the%20updates%3C%2FFONT%3E%3C%2FA%3E!%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%3CFONT%20face%3D%22Verdana%22%20size%3D%222%22%3E-%20%3CA%20href%3D%22http%3A%2F%2Fblogs.technet.com%2Fexchange%2Farticles%2F63464.aspx%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3ENino%20Bilic%3C%2FA%3E%3C%2FFONT%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-609398%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAdministration%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Eall%20posts%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Emicrosoft%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E

An Exchange Server related security bulletin was released today. Here are some details; please go and get the patches that apply to your Exchange version!

Issued: April 12, 2005

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately.

Affected Software:

    • Microsoft Exchange 2000 Server Service Pack 3
 
    • Microsoft Exchange Server 2003
 
    • Microsoft Exchange Server 2003 Service Pack 1
 
Non-Affected Software:

    • Microsoft Exchange Server 5.5 Service Pack 4
 
    • Microsoft Exchange Server 5.0 Service Pack 2
 
Please go here for more information and links to get the updates!

- Nino Bilic

1 Comment
Not applicable
There appears to be an error in KB894549. The Exchange 2000 SP3 update instructions link to Exchange 2000 Post-SP3 Rollup Patch 6487.1 as a pre-req. Actually, the critical update in KB894549 won't install unless you have Exchange 2000 Post-SP3 Rollup Patch 6603.1 (KB870540).