Skip to main content


MS08-039: Which users are vulnerable to the OWA XSS vulnerability?

Tuesday, July 08, 2008

Today we released MS08-039 which addressed several XSS vulnerabilities in Microsoft Exchange’s Outlook Web Access component. While this is an update to be applied to the Exchange server, the clients who use OWA are the computers potentially at risk. We’d like to explain a little more about the vulnerability so that you can determine whether you or your organization are at risk.