x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

MS07-026

Threat LevelLow threatDamageHighDistributionNot widespread
Common name:MS07-026
Technical name:MS07-026
Threat level:Medium
Alias:Vulnerabilities in Microsoft Exchange, Vulnerabilidades en Microsoft Exchange
Type:Vulnerability
Effects:  

It is a group of critical vulnerabilities in Exchange Server 2007/2003/2000, which allows hackers to gain remote control of the affected computer, to launch denial of service attacks and to disclose information.

Affected platforms:

Other

First detected on:May 9, 2007
Detection updated on:May 9, 2007
StatisticsNo

Brief Description 

    

MS07-026 is not categorized as virus, worm, Trojan or backdoor. It is a group of critical vulnerabilities in Exchange Server 2007/2003/2000, which allows arbitrary code to be remotely executed, denial of service attacks to be launched or information to be disclosed.

The addresses vulnerabilities are:

  • Outlook Web Access Script Injection vulnerability: an information disclosure vulnerability which is usually exploited by sending a specially crafted file via email and enticing users into opening it.
  • Malformed iCal vulnerability: a denial of service vulnerability which is usually exploited by creating a specially crafted iCal file and sending it via email to a vulnerable computer.
  • MIME Decoding vulnerability: a remote code execution vulnerability which is usually exploited by sending a specially crafted email to an Exchange Server user account.
  • IMAP Literal Processing vulnerability: a denial of service vulnerability which is usually exploited by sending a specially crafted IMAP command to an Exchange Server configured as an IMAP server.

 

If you have Exchange Server 2007/2003/2000, it is recommended to download and apply the security patch for these vulnerabilities. Click here to access the web page for downloading the patch.