I am concerned about Microsoft’s statement that for security reasons we should all turn off Web Ready Viewing? How do I do this? Are there any alternatives?

Microsoft is currently working on a fix for this vulnerability; in the meantime they have suggested a workaround to disable Web Ready Viewing. To perform this action, follow the steps below:

1. Open up the Exchange Management Shell as an Exchange Organization Administrator

2. Type the following command: Get-OwaVirtualDirectory | where {$_.OwaVersion -eq 'Exchange2007' -or $_.OwaVersion -eq 'Exchange2010'} | Set-OwaVirtualDirectory -WebReadyDocumentViewingOnPublicComputersEnabled:$False -WebReadyDocumentViewingOnPrivateComputersEnabled:$False

Alternatively, if you are concerned about attachment security you could look at a third party product from Messageware AttachView.

For additional information view the external links below: Microsoft Security Advisory (2737111) Vulnerabilities in Microsoft Exchange and FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution

https://technet.microsoft.com/security/advisory/2737111

Use Ctrl+Shift+R to "Reply all" to the selected message.

To submit a question or tip, please email faq@outlook-web-access.com

Poll

Will tablet and Smart phone use be a big part of your OWA 2013 deployment?

Exchange Server Links

Third Party Exchange Software

I am concerned about Microsoft’s statement that for security reasons we should all turn off Web Ready Viewing? How do I do this? Are there any alternatives?

Poll

Will tablet and Smart phone use be a big part of your OWA 2013 deployment?

OWA Blogs

Exchange Blogs