MS07-026: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)

Published May 09 2007 03:29 PM 1,846 Views

An Exchange Server related security bulletin was released yesterday. Here are some details; please go and get the patches that apply to your Exchange version!

Issued: May 08, 2007

Impact of Vulnerability: Remote Code Execution

Maximum Severity Rating: Critical

Recommendation: Customers should apply the update immediately

Security Update Replacement: This bulletin replaces two prior security updates. See the Frequently Asked Questions (FAQ) section of the bulletin for details.

Affected Software:

  • Microsoft Exchange 2000 Server Service Pack 3 with the Exchange 2000 Post-Service Pack 3 Update Rollup of August 2004
  • Microsoft Exchange Server 2003 Service Pack 1
  • Microsoft Exchange Server 2003 Service Pack 2
  • Microsoft Exchange Server 2007

Please go here for more information and links to get the updates!

Additionally, you can read about all patches released yesterday on the Microsoft Security Response Center (MSRC) blog.

EDIT: One additional note about those fixes for Exchange 2000 and 2003. Please be aware that those fixes include the "Send As" behavior change as discussed in this KB article. Functionality of your 3rd party applications might be affected. Please make sure to check the article 912918!

- Nino Bilic

Version history
Last update:
‎Jul 01 2019 03:28 PM
Updated by: