ZDNet UK - Where Technology Means Business

ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Security

Security threats Toolkit

Microsoft issues Exchange flaw fix

James Pearce ZDNet Australia

Published: 26 Nov 2003 09:15 GMT

Microsoft has issued a knowledge paper on how to fix the flaw in Exchange Server 2003.

Last week Microsoft announced it had received notification of a flaw in Microsoft Exchange Server 2003 that either denied users access to Outlook Web Access or, worse, gave them full access to someone else's account.

Andrew Cunningham, Exchange product manager for Microsoft Australia, told ZDNet Australia that investigations by Microsoft had revealed the issue came to light when someone ran Microsoft Windows SharePoint Services on an Exchange Server.

"It's not a common scenario," Cunningham said. "Most organisations have a dedicated Exchange application and a dedicated SharePoint scenario as well." This issue arose because SharePoint turned off the Kerberos authentication, which is set on by default on the Exchange Server.

Microsoft has issued a paper detailing how to fix the problem, which involves turning the Kerberos authentication back on for the Exchange server, and also running it on SharePoint. The paper is available from Microsoft's Web site.

"We'll continue testing to close [the investigation] off," said Cunningham. "To see whether we need to make changes to the code, or whether any other knowledge-based articles need to be released."

Did you find this article useful?
51 out of 119 people found this useful

In association with Intel

Full Talkback thread

0 comments

Related Links

News Microsoft plugs 21 security holes
News Malware authors exploit Microsoft's monthly cycles
News Microsoft investigates Exchange security hole
News IE bug crashes browsers
News Microsoft rushes to fix Outlook flaw

Most Recent
Most Popular
Most Discussed

More In Security threats

Company/Topic Alerts

Create a new alert from the list below:

Related Jobs

Sharepoint developer (East Mids)

IT Network Support

Senior Netowrk Engineer

Install Flash Player Plugin

Toshiba developing quantum repeater

Toshiba is developing a device it hopes will allow for global quantum key distribution. The company is developing a quantum repeater, a device to regenerate a quantum key once quantum... More

Nasa hacker loses last-ditch appeal

Self-confessed Nasa hacker Gary McKinnon has lost his appeal to Home Secretary Jacqui Smith against extradition to the US. In an email sent to ZDNet.co.uk on Monday, McKinnon's... More

Up to 1.7m MoD personal details missin...

The potential number of people affected by the the loss of a hard disk containing MoD details could be a high as 1.7 million, defence minister Bob Ainsworth told parliament on Monday. In... More

Featured Oracle Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

See All White Papers

Skip Sub Navigation Links to CNET Brand Links

About CNET Networks UK

Copyright © 1995-2008 CNET Networks, Inc. All rights reserved