?
Solved

OWA 2003 vulnerabilities

Posted on 2010-08-18
5
Medium Priority
?
524 Views
Last Modified: 2012-05-10
If a user from home accesses their work email via OWA, can malware on their PC infect OWA and use their contact list to spoof accounts? Would they then be able to use those accounts to send spam and make it appear to come from the work email server?
0
Comment
Question by:PSD_Admin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33469786
No, OWA is completely seperate to anything on the PC, it is a web based system.  Even with shared folders on it, it is read only.

Nothing to worry about.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33469954
I have to research OWA security a bit more.
Usually SSL provides one line of safety.

However, you maybe susceptible to a different type of malaware/phishing attack, where users get an alert note to change their passwords in OWA, which takes them to a different site altogether.

Something like this advisory.
http://itservices.uchicago.edu/services/technicaltools/securitynews/2010/01/owamalware.shtml

will post back if I come up with something.
0
 
LVL 28

Accepted Solution

by:
sunnyc7 earned 2000 total points
ID: 33469989
0
 

Author Comment

by:PSD_Admin
ID: 33590300
Thank you for your comments they were all very helpful.
0
 
LVL 28

Expert Comment

by:sunnyc7
ID: 33590337
You are welcome :)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question