Recently security researchers have disclosed reports of a new vulnerability in OWA (i.e. Outlook Web Access). This has been the headline of many security bulletins throughout internet since October 5, 2015.
OWA is a component of Microsoft Exchange Server which is an Internet-facing webmail server and is deployed in private companies and organisations to provide internal emailing capabilities.
Important point to note here is that unlike other web servers that typically have only a web interface, OWA is different. It is a critical internal infrastructure that also faces the Internet, making it an intermediary between the internal, DMZ, and the web.