MS05-021: Vulnerability in Exchange Server Could Allow Remote Code Execution (KB:894549)


An Exchange Server related security bulletin was released today. Here are some details; please go and get the patches that apply to your Exchange version!


Issued: April 12, 2005


Impact of Vulnerability: Remote Code Execution


Maximum Severity Rating: Critical


Recommendation: Customers should apply the update immediately.


Affected Software:


    • Microsoft Exchange 2000 Server Service Pack 3
 
    • Microsoft Exchange Server 2003
 
    • Microsoft Exchange Server 2003 Service Pack 1
 
Non-Affected Software:


    • Microsoft Exchange Server 5.5 Service Pack 4
 
    • Microsoft Exchange Server 5.0 Service Pack 2
 
Please go here for more information and links to get the updates!


- Nino Bilic

Comments (1)
  1. Jeff Pines says:

    There appears to be an error in KB894549. The Exchange 2000 SP3 update instructions link to Exchange 2000 Post-SP3 Rollup Patch 6487.1 as a pre-req. Actually, the critical update in KB894549 won’t install unless you have Exchange 2000 Post-SP3 Rollup Patch 6603.1 (KB870540).

Comments are closed.

Skip to main content