|
Bulletin Severity Rating:Critical - This security update resolves two privately reported vulnerabilities in Microsoft Exchange Server. The first vulnerability could allow remote code execution if a specially crafted TNEF message is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could take complete control of the affected system with Exchange Server service account privileges. The second vulnerability could allow denial of service if a specially crafted MAPI command is sent to a Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could cause the Microsoft Exchange System Attendant service and other services that use the EMSMDB32 provider to stop responding.
|
|
Full View / NID: 26916 / Submitted by: The Zilla of Zuron
|
|
Bulletin Severity Rating:Important - This security update resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client’s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client’s OWA session.
|
|
Full View / NID: 22792 / Submitted by: The Spirit of Zuron
|
|
The Directory Synchronization Tool (DST) helps you keep your on-site Active Directory® directory service and Microsoft® Exchange Server environment synchronized with your Exchange Hosted Filtering, Exchange Hosted Archive, and Exchange Hosted Continuity services.
|
|
Full View / NID: 22328 / Submitted by: TACKtech Team
|
|
Update Rollup 4 for Exchange Server 2007 resolves issues that were found in Exchange Server 2007 since the software was released. This update rollup is highly recommended for all Exchange Server 2007 customers.
|
|
Full View / NID: 17453 / Submitted by: TACKtech Team
|
|
Bulletin Severity Rating:Critical - This update resolves several newly discovered, privately reported vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. We recommend that customers apply the update immediately.
|
|
Full View / NID: 15971 / Submitted by: The Spirit of Zuron
|
|
Use Jetstress to verify the performance and stability of a disk subsystem prior to putting an Exchange server into production. Jetstress helps verify disk performance by simulating Exchange disk Input/Output (I/O) load. Specifically, Jetstress simulates the Exchange database and log file loads produced by a specific number of users. You use Performance Monitor, Event Viewer, and ESEUTIL in conjunction with Jetstress to verify that your disk subsystem meets or exceeds the performance criteria you establish. After a successful completion of the Jetstress Disk Performance and Stress Tests in a non-production environment, you will have ensured that your Exchange disk subsystem is adequately sized (in terms of performance criteria you establish) for the user count and user profiles you have established. It is highly recommended that the Jetstress user read through the tool documentation before using the tool.
|
|
Full View / NID: 15904 / Submitted by: TACKtech Team
|
|
Use Jetstress to verify the performance and stability of a disk subsystem prior to putting an Exchange server into production. Jetstress helps verify disk performance by simulating Exchange disk Input/Output (I/O) load. Specifically, Jetstress simulates the Exchange database and log file loads produced by a specific number of users. You use Performance Monitor, Event Viewer, and ESEUTIL in conjunction with Jetstress to verify that your disk subsystem meets or exceeds the performance criteria you establish. After a successful completion of the Jetstress Disk Performance and Stress Tests in a non-production environment, you will have ensured that your Exchange disk subsystem is adequately sized (in terms of performance criteria you establish) for the user count and user profiles you have established. It is highly recommended that the Jetstress user read through the tool documentation before using the tool.
|
|
Full View / NID: 15903 / Submitted by: TACKtech Team
|
|
Use Microsoft Exchange Load Generator (LoadGen) as a simulation tool to measure the impact of MAPI clients on Exchange servers. LoadGen allows you to test how a server running Exchange responds to e-mail loads. To simulate the delivery of these messaging requests, you run LoadGen tests on client computers. These tests send multiple messaging requests to the Exchange server, thereby causing a mail load. LoadGen is a useful tool for administrators who are sizing servers and validating a deployment plan. Specifically, LoadGen helps you determine if each of your servers can handle the load to which they are intended to carry. Another use for LoadGen is to help validate the overall solution.
|
|
Full View / NID: 15902 / Submitted by: TACKtech Team
|
|
Use Microsoft Exchange Load Generator (LoadGen) as a simulation tool to measure the impact of MAPI clients on Exchange servers. LoadGen allows you to test how a server running Exchange responds to e-mail loads. To simulate the delivery of these messaging requests, you run LoadGen tests on client computers. These tests send multiple messaging requests to the Exchange server, thereby causing a mail load. LoadGen is a useful tool for administrators who are sizing servers and validating a deployment plan. Specifically, LoadGen helps you determine if each of your servers can handle the load to which they are intended to carry. Another use for LoadGen is to help validate the overall solution.
|
|
Full View / NID: 15901 / Submitted by: TACKtech Team
|
|
After applying a version of Store.exe that is later than 06.05.7651.26 on a computer that is running Microsoft Exchange Server 2003, the Exchange databases may fail to mount if the security descriptor of the database object has been modified to include a well-known user or group and more than one domain exists in the forest. This problem can also occur if a security identifier (SID) in the database object has conflicting values with another object in Active Directory directory service for one of the following attributes: objectSID,
msExchMasterAccountSid, SIDHistory.
|
|
Full View / NID: 14937 / Submitted by: TACKtech Team
|
|
The Exchange Calendar Update Tool enables administrators to update, using the Time Zone Data Update Tool for Microsoft® Office Outlook®, multiple user mailboxes, thereby avoiding the challenges involved with broadly deploying the Outlook Time Zone Data Update Tool to all end-users.
|
|
Full View / NID: 14756 / Submitted by: TACKtech Team
|
|
The Debug Diagnostic Tool (DebugDiag) is designed to assist in troubleshooting issues such as hangs, slow performance, memory leaks or fragmentation, and crashes in any Win32 user-mode process. The tool includes additional debugging scripts focused on Internet Information Services (IIS) applications, web data access components, COM+ and related Microsoft technologies.
|
|
Full View / NID: 14366 / Submitted by: TACKtech Team
|
|
Starting in the spring of 2007, Daylight Saving Time (DST) start and end dates for the United States will transition to comply with the Energy Policy Act of 2005. DST dates in the United States will start three weeks earlier (2:00 A.M. on the second Sunday in March) and will end one week later (2:00 A.M. on the first Sunday in November).
|
|
Full View / NID: 14365 / Submitted by: TACKtech Team
|
|
Use Jetstress to verify the performance and stability of a disk subsystem prior to putting an Exchange server into production. Jetstress helps verify disk performance by simulating Exchange disk Input/Output (I/O) load. Specifically, Jetstress simulates the Exchange database and log file loads produced by a specific number of users. You use Performance Monitor, Event Viewer, and ESEUTIL in conjunction with Jetstress to verify that your disk subsystem meets or exceeds the performance criteria you establish. After a successful completion of the Jetstress Disk Performance and Stress Tests in a non-production environment, you will have ensured that your Exchange disk subsystem is adequately sized (in terms of performance criteria you establish) for the user count and user profiles you have established. It is highly recommended that the Jetstress user read through the tool documentation before using the tool.
|
|
Full View / NID: 14237 / Submitted by: TACKtech Team
|
|
Use Microsoft Exchange Server Stress and Performance (ESP), a highly scalable stress and performance tool for Exchange, to simulate large numbers of client sessions by concurrently accessing one or more protocol servers. ESP includes multiple modules that you can use to simulate a wide variety of protocols and loads. You can run modules concurrently from multiple hosts, thereby more realistically simulating physically separate client machines. There is no limit to the number of computers on your network that can host ESP modules.
|
|
Full View / NID: 14236 / Submitted by: TACKtech Team
|
|
Microsoft Exchange Server when running Outlook Web Access Vulnerability - CVE-2006-1193: Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-complicit remote attackers to execute arbitrary script via unknown vectors related to "HTML parsing."
|
|
Full View / NID: 10943 / Submitted by: TACKtech Team
|
|
In the upcoming Microsoft Windows Vista Beta 2 release, the Dynamic HTML Editing ActiveX control is being removed from the Internet Explorer browser. As a result, there is functionality missing that Microsoft Exchange Outlook Web Access relies on. This update replaces that deprecated functionality on the Microsoft Exchange servers so that Microsoft Exchange Outlook Web Access continues to function smoothly.
|
|
Full View / NID: 10893 / Submitted by: TACKtech Team
|
|
The Microsoft Exchange Server Disaster Recovery Analyzer Tool is designed for administrators who need to troubleshoot database mounting issues.
|
|
Full View / NID: 8456 / Submitted by: TACKtech Team
|
|
The Microsoft Exchange Server Performance Troubleshooting Analyzer Tool is designed for administrators who need to determine the root cause of Exchange Server performance issues.
|
|
Full View / NID: 8455 / Submitted by: TACKtech Team
|
|
Simulate disk I/O load on a test server running Exchange to verify the performance and stability of your disk subsystem before putting your server into a production environment.
|
|
Full View / NID: 8454 / Submitted by: TACKtech Team
|