ISA Archives - Astiostech - Blog, News and Updates

Possible new breed of mass spreading worms ? New vulnerabilities found in MS products.

August 12, 2009December 13, 2018 admin

Microsoft Office OWC10.Spreadsheet ActiveX BorderAround() Heap Corruption Vulnerability The specific vulnerability exists in the OWC10.Spreadsheet.10 ActiveX control installed by Microsoft Office. By accessing specific methods in a certain order heap corruption occurs leading to remote code execution. If exploited, complete control of the affected system … “Possible new breed of mass spreading worms ? New vulnerabilities found in MS products.”

ISA Server 2006 Radius OTP Authentication Bypass

July 21, 2009December 13, 2018 admin

An update is available for ISA 2006 with SP1 or less users who uses Radius OTP to authenticate backend web servers. The vulnerability allows an attacker to assume an admin without keying in the correct password (authentication bypass). Please update your issue of ISA immediately … “ISA Server 2006 Radius OTP Authentication Bypass”

ISA Server 2006 VS Exchange Outlook Web Access

September 02, 2007December 13, 2018 admin

A customer from Cambodia (shout out to Whaddanak of CBL) once asked ways in which one can publish a front end Exchange server securely in a DMZ (DeMilitarized Zone). The obvious answer is DEFINITELY YES. Since Exchange 5.5, OWA could easily be isolated from the … “ISA Server 2006 VS Exchange Outlook Web Access”

DNS and ISA Server

August 29, 2007December 13, 2018 admin

A shout out to my friend Velan Ramalinggam, thanks for your help today 🙂 We just got back from a customer’s site and they had a complain that after enabling ISA server proxy forwarding option through routing, the ISA server became a crawl. Although direct, … “DNS and ISA Server”

Unleashing ISA’s HTTP Filter Demon

April 02, 2007December 13, 2018 admin

Hey if you run ISA Server 2004 or higher, come on, make use of its HTTP filter. You don’t need expensive software to block almost anything that “rides” inside the HTTP protocol without you knowing it. Even HTTPS session can be re-established by ISA so … “Unleashing ISA’s HTTP Filter Demon”

ISA 2008 Is In The Bakery

January 28, 2007December 13, 2018 admin

One of the products from Microsoft i truly like is Microsoft ISA Server. ISA has proven its strength and robustness and we personally run it at our office. It just runs, just runs well. Since ISA 2004, I’ve been impressed, I’ve tried 2006 but haven’t … “ISA 2008 Is In The Bakery”