MS14-075 - Important: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)

	MS14-075 - Important: Vulnerabilities in...

Severity Rating: Important
Revision Note: V3.0 (December 12, 2014): Rereleased bulletin to announce the reoffering of Microsoft security update 2986475 for Microsoft Exchange Server 2010 Service Pack 3. The rereleased update addresses a known issue in the original offering. Customers who uninstalled the original update should install the updated version of 2986475 at the earliest opportunity.
Summary: This security update resolves four privately reported vulnerabilities in Microsoft Exchange Server. The most severe of these vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL that takes them to a targeted Outlook Web App site. An attacker would have no way to force users to visit a specially crafted website. Instead, an attacker would have to convince them to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website, and then convince them to click the specially crafted URL.

- View Microsoft Security Bulletin MS14-075
- View Microsoft Knowledge Base Article - on: 3.
- Visit Microsoft Corporation

Posted: December 12, 2014 | By: Wissen Schwamm

Recent Microsoft related news.

MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - Version: 1.1

MS16-123 - Important: Security Update for Windows Kernel-Mode Drivers (3192892) - Version: 3.0

MS16-087 - Critical: Security Update for Windows Print Spooler Components (3170005) - Version: 2.0

MS16-095 - Critical: Cumulative Security Update for Internet Explorer (3177356) - Version: 3.0

MS16-039 - Critical: Security Update for Microsoft Graphics Component (3148522) - Version: 4.0

+ View more Microsoft related news +

			More Technical Information Than You Can Handle.

MS14-075 - Important: Vulnerabilities in...