Fix for Exchange 2000 causes mail snags

Posted Thursday, the patch was intended to repair a vulnerability in Microsoft's Exchange 2000 mail server, but instead, caused serious mail problems, according to several users.

"We have had severe email problems since applying the fix," wrote Trey Carr, IS manager at ZonaFinanciera.com. "I guess MS is getting in too big of a hurry to test their hotfixes before they post them.... Our ability to send and receive mail was completely stopped by this 'fix'. I am using (a Web-based email service) to send (this message) because our server is completely hung." On Friday, Microsoft pulled the patch, replacing it with a simple statement.

"Due to a problem that was discovered in this hotfix, the binaries have been removed," read the explanation on the software giant's download site. "An updated version of this fix will be released by Monday, June 11th at the latest."

Microsoft announced Thursday that a security hole existed in the Outlook Web Access module included in Exchange 2000. The module allows people to read mail remotely using a Web browser, but the hole meant online vandals could manipulate the program and delete, modify or add data to a person's mailbox.

As of Friday, Microsoft was unable to confirm whether the problem with the patch actually existed.

"We received some technical report of potential issues with the bulletin," said a Microsoft representative. "So we have pulled down the patch while (we) check."