PT-2016-4084 · Microsoft · Exchange Server 2013 (+3 other products)

Published: 2016-06-14 · Updated: 2018-10-12 · CVE-2016-0028

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions

Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12
Microsoft Exchange Server 2016 Gold and Cumulative Update 1

Description

The issue allows remote attackers to track users via a crafted HTML e-mail message due to improper restriction of loading IMG elements in Outlook Web Access (OWA). An email filter bypass exists in the way Microsoft Exchange parses HTML messages, which could allow information disclosure. If successfully exploited, an attacker could identify, fingerprint, and track a user online if the user views email messages using OWA. The attacker could also combine this issue with another one, such as a Cross-Site Request Forgery (CSRF), to amplify the attack.

Recommendations

For Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12, update to a version that properly restricts loading of IMG elements. For Microsoft Exchange Server 2016 Gold and Cumulative Update 1, update to a version that properly restricts loading of IMG elements. As a temporary workaround, consider restricting access to OWA to minimize the risk of exploitation.
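The property the recommendations ask for, as an added example (not Positive Technologies' or Microsoft's code, and not a reconstruction of the Exchange bypass, which the advisory does not detail): a parser-based filter that neutralises remote IMG loads in an HTML message, the fetch that lets a sender learn a reader's IP address, client and read time. The names `is_remote`, `filter_html`, `PLACEHOLDER` and the sample message are constructed for this illustration; using a real HTML parser rather than a regex is what keeps casing and whitespace variants from slipping past the check.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlparse

IMG_FETCH_ATTRS = ("src", "srcset", "lowsrc")   # attributes that make <img> fetch
PLACEHOLDER = "about:blank"                      # constructed replacement value

def is_remote(url: str) -> bool:
    """True if loading url would contact a third-party server."""
    u = url.strip()                   # tolerate stray whitespace around the value
    if u.startswith("//"):            # protocol-relative URLs are still remote
        return True
    return urlparse(u).scheme.lower() in ("http", "https", "ftp")

def attr_is_remote(name: str, value: str) -> bool:
    if name == "srcset":              # comma-separated "url descriptor" candidates
        cands = [c.split()[0] for c in value.split(",") if c.strip()]
        return any(is_remote(c) for c in cands)
    return is_remote(value)

class RemoteImageRewriter(HTMLParser):
    """Re-emits the document with remote <img> sources replaced by PLACEHOLDER."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.blocked = [], []
    def handle_starttag(self, tag, attrs):
        parts = []
        for name, value in attrs:     # HTMLParser lower-cases tag and attribute names
            if tag == "img" and name in IMG_FETCH_ATTRS and value and attr_is_remote(name, value):
                self.blocked.append(value.strip())
                value = PLACEHOLDER
            parts.append(f' {name}="{html.escape(value)}"' if value is not None else f" {name}")
        self.out.append(f"<{tag}{''.join(parts)}>")
    handle_startendtag = handle_starttag
    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")
    def handle_data(self, data):
        self.out.append(html.escape(data, quote=False))

def filter_html(body: str):
    """Return (rewritten_html, list of blocked remote references)."""
    p = RemoteImageRewriter()
    p.feed(body); p.close()
    return "".join(p.out), p.blocked

# Constructed sample message: one tracking pixel, one inline (cid:) logo, one srcset.
SAMPLE = ('<html><body><p>Invoice attached.</p>'
          '<IMG SRC=" HTTP://tracker.example/p.gif?id=42" width=1 height=1>'
          '<img src="cid:logo@local" alt="logo"><img srcset="//tracker.example/a.png 1x" alt="">'
          '</body></html>')
```

`filter_html(SAMPLE)` rewrites both remote references to `about:blank` and leaves the `cid:` image untouched, which is the behaviour a webmail client needs before rendering a message.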

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

CVE-2016-0028

Affected Products

Exchange Server
Exchange Server 2013
Exchange Server 2016
Outlook Web Access