Internal Domains exposed via Outlook XML
-
segunda-feira, 2 de abril de 2012 14:15
We have discovered that Outlook is exposing all internally hosted domains via the following file:
C:\%USERPROFILE%\AppData\Roaming\Microsoft\Outlook\PB4S-Configuration-<username@domain>.xml
This is on a SP2 install utilizing ABPs.
Anyone else seeing this issue?
Todas as Respostas
-
segunda-feira, 2 de abril de 2012 16:59
Do you have RMS configured in your organization?
-
segunda-feira, 2 de abril de 2012 17:09And more precisely, do you have Outlook Protection Rules configured?
-
segunda-feira, 2 de abril de 2012 17:54We don't currently have RMS deployed. Is RMS a requirement to control this particular information leak?
-
segunda-feira, 2 de abril de 2012 18:45No, it's not. Was just checking. I'm investigating now and will post back when I have some more info.
-
terça-feira, 3 de abril de 2012 20:09We're working on a solution for this. I'll post again when I have more information.
-
terça-feira, 3 de abril de 2012 20:50Thanks Greg. Would it help if we open a support case on this issue for tracking purposes?
-
terça-feira, 3 de abril de 2012 20:53Sure, be sure to point the engineer at me, and I will point them at the bug I opened.
-
segunda-feira, 21 de maio de 2012 12:51
Do you have any information concerning this issue
Thanks
-
segunda-feira, 21 de maio de 2012 16:17
Yes I do. Sorry I didn't post back. We have coded a fix for this issue and it will ship in SP2 RU4 later this year.
The change will require that no Outlook Protection Rules are configured (which is the default). If there are no rules we will only return the callers SMTP domain back, rather than all domains.
- Marcado como Resposta Casey Tomlinson segunda-feira, 18 de junho de 2012 16:50
.png)
