Security Updates for Exchange (June 2019)
Medium Nessus Plugin ID 125881
SynopsisThe Microsoft Exchange Server installed on the remote host is affected by multiple vulnerabilities.
DescriptionThe Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by a spoofing vulnerability when Outlook Web Access fails to property handle web requests.
An unauthenticated, remote attacker can exploit this by sending in a specially crafted link to a tricked user who clicks on the malicious link & activates the exploit.
SolutionMicrosoft has released the following security updates to address this issue: