|
For Immediate Release
Think Discovers Microsoft Exchange Vulnerability
CAMBRIDGE, MA -- November 12, 2003 -- Think Computer has found a serious security vulnerability with Microsoft Exchange Server versions 5.5 and 2000 that can lead to servers and internet connections being severely crippled. Even if Exchange Server is configured to require SMTP authentication, if SMTP authentication fails, and the Microsoft Windows Guest account is enabled, then Exchange Server will accept messages for relay. Essentially, the problem allows spam messages to be sent through servers that are supposedly secure according to Microsoft's own standards and various third-party open relay tests.
The Microsoft Support Knowledge Base documents part of the problem, as do other previously written articles external to Microsoft, but they do not address the fact that messages are still accepted for relay even when SMTP authentication fails. Microsoft does not plan to take any corrective action at this time.
Think has released a White Paper which explains the problem in detail. The White Paper is available on the company's web site at http://www.thinkcomputer.com/corporate/news/whitepapers.html.
About Think
Think was founded in 1998 with the long-term goal of developing simple, useful computer software. Today, Think's web-based programs take advantage of cloud computing to help businesses large and small manage their daily operations from accounting to sales and marketing. Think is on the web at http://www.thinkcomputer.com.
Media Contact:
Think Computer Corporation
Palo Alto, CA
Phone:
Fax:
E-Mail:
| 
