Microsoft has released security updates for Exchange 2000 SP3, Exchange 2003 SP2, Exchange 2007 SP1/SP2 and Exchange 2010. For both Exchange 2007 and 2010 this security fix is included in a rollup. For Exchange 2007 SP1 this is the 10th rollup, for Exchange 2007 the 4th and for Exchange 2010 the 3rd.
The update applies a fix to the Windows SMTP service because of a vulnerability which was recently found. This made it possible to perform a DOS attack on the Windows SMTP service.
Below you will find the links to the patches and a link to the security bulletin which has been published about this vulnerability.
Exchange 2000 SP3: open
Exchange 2003 SP2: open
Exchange 2007 SP1: open
Exchange 2007 SP2: open
Exchange 2010: open
Microsoft Security Bulletin MS10-024: open
Comments
