A Internet Security Systems (ISS) acredita que nos tempos mais próximos poderá surgir um worm que explore a vulnerabilidade descrita no boletim de segurança MS06-019 e que afectará os sistemas baseados em Exchange Server em todo o Mundo. De acordo com a equipa X-Force da ISS:

"Testing done by X-Force confirms denial of service of the Exchange Server is easily achieved with no user interaction and is not mitigated by firewall best practices.
Further analysis of this issue reveals that code execution is possible, but difficult to obtain. However, with the high profile of Microsoft Exchange as a target and the nature in which it is typically deployed, we expect to see active exploitation of this issue in the wild with the possibility of a worm."

Aceitem este conselho, apliquem o patch o mais depressa possível.
Links relacionados:

• Microsoft Exchange Calendar Attachment Heap-based Overflow
• Internet Security Systems Warns Against Potential Microsoft Exchange Worm
• Hackers Expected To Target Exchange
• Exploit Out For Exchange Bug
• ISS warns against potential Microsoft Exchange worm
• Worm Could Wreck Exchange