News

Security Breach in MCIS Mail Server Fixed

Microsoft has discovered and fixed a security violation in the Microsoft Commercial Internet System (MCIS) Mail server. The vulnerability could allow a malicious user to remotely cause services on the server to fail, or cause arbitrary code to run on the server.

The IMAP service included in MCIS Mail has an unchecked buffer. If a malformed request containing random data were passed to the service, it could cause the Web publishing, IMAP, SMTP, LDAP, and other services to crash. If the malformed request contained specially crafted data, it could also be used to run arbitrary code on the server via a classic buffer overrun attack.

Microsoft Commercial Internet System 2.0 and 2.5 are affected by this vulnerability. The Intel version of the patch is available at http://www.microsoft.com/Downloads/Release.asp?ReleaseID=17124 and the Alpha version is available at http://www.microsoft.com/Downloads/Release.asp?ReleaseID=17122. -- Isaac Slepner

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Windows 10 Mobile To Fall Out of Support in December

    Microsoft will end support for the Windows 10 Mobile operating system on Dec. 10, 2019, according to an announcement.

  • Get More Out of Your Outlook Inbox with TakeNote

    Brien comes across a handy, but imperfect, feature in Outlook that lets you annotate specific e-mails. Its provenance is something of a mystery, though.

  • Microsoft Resumes Rerelease of Windows 10 Version 1809

    Microsoft on Wednesday once more resumed its general rollout of the Windows 10 version 1809 upgrade, also known as the "October 2018 Update."

  • Microsoft Ups Its Windows 10 App Compatibility Assurances

    Microsoft gave assurances this week that organizations adopting Windows 10 likely won't face application compatibility issues.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.