Archive

Archive for October, 2009

Certificate Validation on Windows XP with Entrust SSP Issued HSPD-12 Certificates

October 22nd, 2009 Comments off

On May 9th, 2009 Entrust Managed Services (provider of HSPD-12 certificates) performed a key update ceremony on the Entrust Managed Services Root and SSP certification authorities. HSPD-12 certificates issued after May 9th, 2009 will not work on the Windows XP operating system (i.e. RTM, SP1, SP2 and SP3).

More information can be found in the Document HSPD-12 Logical Access Authentication and Active Directory Domains.

Categories: HSPD-12 Tags:

Messages sent from Exchange 2007 to Non-Exchange Recipients through an Exchange 2003 Connector are NDRed by the first Hub/Transport Server

In a mixed Exchange 2007/2003 environment with a Connector to a Non-Exchange System on an Exchange 2003 Server you cannot send messages from Exchange 2007 to a recipient in the Non-Exchange System if the following two conditions are true:


1) the Connector contains an Address Space with an underscore (“_”) in it, like in the following example:


  


2) one part of the address of the final recipient (for example, the “Domain”-part) matches this Address Space.


In this case, the sender of the message will receive a Non Delivery Report from the first Exchange 2007 Hub/Transport-Server and the message will not be routed to the recipient.


The Non Delivery Report contains the following error-information:


 #550 5.4.4 ROUTING.NoNextHop; unable to route


This error is returned despite the fact, that the Scope of the Connector is set to “Entire organization” and the Address Space is visible in the Routing Log Viewer in Exchange 2007.


Please note, that this issue can occur in conjunction with all EDK-Gateways for Exchange 2003 and hence is not limited to the Lotus Notes Connector for Exchange 2003.


You can work around the problem by re-defining the Address Space in question so, that the underscore is eliminated from it and replaced by a wildcard. One possible solution for the example above would be, to replace “abcd_ef” by “abcd*”. As soon as this change has been replicated to Exchange 2007, the problem is resolved and messages can be sent from Exchange 2007 to the desired destination.

Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution – Version: 2.0

Categories: Uncategorized Tags:

Microsoft Security Advisory (975191): Vulnerabilities in the FTP Service in Internet Information Services – Version: 3.0

Revision Note: V3.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this issue. We have released MS09-053 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-053. The vulnerabilities addressed are the IIS FTP Service DoS Vulnerability (CVE-2009-2521) and the IIS FTP Service RCE and DoS Vulnerability (CVE-2009-3023).

Categories: Uncategorized Tags:

Microsoft Security Advisory (973882): Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution – Version: 4.0

Revision Note: V4.0 (October 13, 2009): Advisory revised to add an entry in the Updates related to ATL section to communicate the release of Microsoft Security Bulletin MS09-060, “Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution.”
Summary: Security Advisory

Categories: Uncategorized Tags:

Microsoft Security Advisory (975191): Vulnerabilities in the FTP Service in Internet Information Services – 10/13/2009

October 13th, 2009 Comments off

Revision Note: V3.0 (October 13, 2009): Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of this issue. We have released MS09-053 to address this issue. For more information about this issue, including download links for an available security update, please review MS09-053. The vulnerabilities addressed are the IIS FTP Service DoS Vulnerability (CVE-2009-2521) and the IIS FTP Service RCE and DoS Vulnerability (CVE-2009-3023).

Categories: Uncategorized Tags:

Microsoft Security Advisory (973882): Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution – 10/13/2009

October 13th, 2009 Comments off

Revision Note: V4.0 (October 13, 2009): Advisory revised to add an entry in the Updates related to ATL section to communicate the release of Microsoft Security Bulletin MS09-060, “Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution.” Advisory Summary:Security Advisory

Categories: Uncategorized Tags:

Microsoft Security Advisory (975497): Vulnerabilities in SMB Could Allow Remote Code Execution – 10/13/2009

October 13th, 2009 Comments off
Categories: Uncategorized Tags: