Microsoft has added a new feature to Exchange Server that will automatically take action to remediate high-risk vulnerabilities (most likely already exploited by hackers). This should protect Exchange servers from attacks and give administrators more time to install full-fledged patches when Microsoft releases them. The fact is that zero-day vulnerabilities in Microsoft Exchange have recently… Continue reading New feature in Exchange Server will apply fixes automatically
Tag: Microsoft Exchange server
Experts published a list of the most attacked vulnerabilities in 2020-2021
Experts from the FBI, the US Department of Homeland Security (DHS CISA), the Australian Cybersecurity Center (ACSC), and the UK National Cybersecurity Center (NCSC) have published joint security advisories that list the most attacked and most popular vulnerabilities among criminals in 2020 and 2021. Based on data collected by the US government, most of the… Continue reading Experts published a list of the most attacked vulnerabilities in 2020-2021
US and UK accused China for attacks on Microsoft Exchange servers
The United States and a coalition of its allies, including the EU, Britain and NATO, have formally accused China and its authorities of a large-scale hacking campaign to break into Microsoft Exchange servers. Let me remind you that these attacks have been going on since the beginning of 2021 and are targeted tens of thousands… Continue reading US and UK accused China for attacks on Microsoft Exchange servers
Microsoft Introduces One-Click ProxyLogon Fix Tool
Microsoft developers have released a tool called EOMT (Exchange On-premises Mitigation Tool) designed to install updates on Microsoft Exchange servers and one-click ProxyLogon vulnerabilities fix. The utility is already available for download on the company’s GitHub. In early March 2021, Microsoft engineers released unscheduled patches for four vulnerabilities in the Exchange mail server, which the… Continue reading Microsoft Introduces One-Click ProxyLogon Fix Tool
82.5% of Microsoft Exchange servers are still vulnerable
Information security experts from Rapid7 reported that more than 35,000 Internet-connected Microsoft Exchange servers are still vulnerable to the critical vulnerability CVE-2020-0688 that was fixed in February. The vulnerability affects the default Exchange Control Panel (ECP) component and allows an attacker to take control of a Microsoft Exchange server using previously stolen valid email credentials.… Continue reading 82.5% of Microsoft Exchange servers are still vulnerable