Vulnerability: Exchange 2000 enables remote registry access

The Exchange 2000 System Attendant incorrectly gives 'everyone' access to the Winreg registry key, which would allow a remote attacker to access the registry via SMB/NetBIOS. Exploitation depends on the permissions of the various subkeys.

FAQ and patch:

http://www.microsoft.com/technet/security/bulletin/MS02-003.asp

Join the newsletter!

Or
Error: Please check your email address.

More about Microsoft

Show Comments