Unquoted executable in embedded space folder
We have come across this vulnerability detected by our scanner tool for this software. The software gets installed in the following area:
C:\Program Files\Microsoft\Exchange Server\V14\Bin\MSExchangeMailboxAssistants.exe
This Windows service is unquoted and therefore it flags as vulnerable for hackers.
I'm attaching the following articles for reference:
https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464
http://blakhal0.blogspot.com/2012/08/hiding-files-by-exploiting-spaces-in.html
Besides creating a script to update the binPath for this service, is there a patch solution, or is this simply not a problem since the OS will take care of it? The issue of long file names was fixed back then by Microsoft Windows 2000 SP2.
michael john ocasio
February 20th, 2013 6:22pm
Hello,
I think you will need to update your scanner.
Thanks,
Simon Wu
TechNet Community Support
February 22nd, 2013 11:36am
We automate it with a script that will remotely connect to the machines with the vulnerability and filter out those Windows components with the embedded space in their path. I would think this will be an issue that should be handled by the vendor to revise their deployment setup package, and that will take care of new machines when the application is installed instead of creating a second step to correct the problem.
michael john ocasio
March 29th, 2013 8:50pm
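The audit script discussed in this thread, sketched as an added example (not the poster's script and not a Microsoft tool): it reports services whose executable path contains a space but is not quoted, and shows the quoted form. The function name Get-QuotedImagePath and the second and third sample paths are hypothetical; the first sample is the path from the question.

```powershell
# Added example: read-only report of unquoted service paths. It changes nothing.

function Get-QuotedImagePath {
    # Returns the quoted form of an unquoted path that contains a space,
    # or $null when the path needs no change.
    param([string]$PathName)

    $p = $PathName.Trim()
    if (-not $p -or $p.StartsWith('"')) { return $null }   # empty or already quoted

    # Assumption: the executable ends at the first ".exe" that is followed by
    # whitespace or end of string; everything after it is arguments.
    if ($p -notmatch '^(?<exe>.+?\.exe)(?<args>\s.*)?$') { return $null }

    # Copy the captures now: a later -match would overwrite $Matches.
    $exe  = $Matches['exe']
    $rest = $Matches['args']

    if (-not $exe.Contains(' ')) { return $null }          # no space, nothing ambiguous

    return ('"{0}"{1}' -f $exe, $rest)
}

# Constructed sample input so the logic can be checked offline.
$samples = @(
    'C:\Program Files\Microsoft\Exchange Server\V14\Bin\MSExchangeMailboxAssistants.exe'
    '"C:\Program Files\Example\svc.exe" -run'       # hypothetical, already quoted
    'C:\Windows\system32\svchost.exe -k netsvcs'    # no space in the executable path
)
foreach ($s in $samples) {
    [pscustomobject]@{ Path = $s; Suggested = Get-QuotedImagePath $s }
}

# On a live machine (add -ComputerName <host> to query a remote one):
Get-CimInstance -ClassName Win32_Service | ForEach-Object {
    $fix = Get-QuotedImagePath $_.PathName
    if ($fix) {
        [pscustomobject]@{ Service = $_.Name; Current = $_.PathName; Suggested = $fix }
    }
}
```

Only the first sample yields a suggestion. The Suggested value is the string that would go into the service's binPath (the ImagePath registry value); review each one before applying it.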