Microsoft Warns of Oracle Holes

Friday, July 27, 2012 @ 01:07 PM gHale


Microsoft is warning its Exchange and SharePoint server products may suffer from security holes Oracle patched in its most recent update last week.

It seems the Microsoft components use the Oracle Outside In libraries that contain security holes.

RELATED STORIES
Big Oracle Patch Day
New Java Exploit Debuts
Blackhole Exploit Upgraded
Phishing Emails Getting Real

The issue affects Exchange Server 2007 and 2010 as well as FAST Search Server 2010 for SharePoint, Microsoft said. SharePoint is only vulnerable if the user activates the Advanced Filter Pack, Microsoft said.

As a workaround, the company recommends users disable this feature in Sharepoint for the time being. Exchange administrators should disable the attachment transcoding service. However, this may cause the OWA web frontend’s file attachment preview to malfunction.



Leave a Reply

You must be logged in to post a comment.