[Full-disclosure] MS05-021 Workaround - Block Port 25/SMTP - HAHA!
nocmonkey at gmail.com
Tue Apr 12 20:48:38 BST 2005
Good to see that Microsoft has a great sense of humour, in regards
their recently announced Security Bulletin MS05-021 - Vulnerability in
Exchange Server Could Allow Remote Code Execution (894549).
Note one of the workarounds (if you don't have time to patch):
"Use a firewall to block the port that SMTP uses. Typically, that is port 25.
Impact of Workaround:
This workaround should only be used as a last resort to help protect
you from this vulnerability. This workaround may directly affect the
ability to communicate with external parties by e-mail."
And some people wonder why I insist that all of my Microsoft servers
are inaccessible from the Internet; egress and ingress.
Full-Disclosure is hosted and sponsored by Secunia.