A vulnerability has been found within Microsoft Forefront Protection 2010 for Exchange that could allow remote code execution. Microsoft Forefront Protection 2010 for Exchange Server provides protection against malware and spam by scanning incoming emails. An attacker who has successfully exploited this vulnerability could execute code in the context of the users service account. Depending on the privileges associated with the account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
'- Microsoft Forefront Protection for Exchange 2010
A remote code execution vulnerability exists in Forefront Protection for Exchange. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the configured service account. An attacker who has successfully exploited this vulnerability could execute code in the context of the users service account. Depending on the privileges associated with the account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
'- Upgrade Microsoft Forefront Protection for Exchange 2010 immediately after appropriate testing.
- Apply the principle of Least Privilege to all services.
https://technet.microsoft.com/en-us/security/bulletin/ms14-008
CVE:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0294