Tuesday, March 19, 2024

Critical Microsoft Exchange Server Vulnerabilities Could Allow Hackers to Control of Enterprise Networks

In a daily routine check-up, the cybersecurity experts of the U.S. National Security Agency have detected two critical Microsoft Exchange Server vulnerabilities.

After detecting the vulnerabilities, the analysts asserted that these two vulnerabilities could enable the threat actors to persistently access and control business networks.

However, in a threat report, the cybersecurity researchers have affirmed on Tuesday, that they have performed the monthly cycle, during the month when Microsoft delivers some patches for the vulnerabilities.

The security researchers have found these vulnerabilities proactively, or we can say that the vulnerabilities were disclosed to the security experts. 

Inventory Your Exchange Servers and Update to the latest Cumulative Update

According to the cybersecurity analysts’ recommendation, one should always use the Exchange Server Health Checker script, and users can easily download it from GitHub.  

Once the users run this script, it will eventually notify them if any of your Exchange Servers are performing these updates or not. 

Moreover, users must update to the latest cumulative update immediately so that they can evade themselves from such vulnerabilities.

Microsoft Released Security Updates 

Microsoft stated that these kinds of vulnerabilities are not new, and they have detected the very first vulnerability in April 2021.

Soon after the detection, the team of analysts has reported the vulnerability to Microsoft. And after the report, Microsoft has researched the whole matter and eventually pronounced that they were not aware of such exploits.

However, after knowing all the details regarding the vulnerability, Microsoft has suggested the users to install the latest update so that they can stay protected from such flaws.

Microsoft releases the security updates to patch the security flaws (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483) found in the following Exchange Servers:-

  • Exchange Server 2013
  • Exchange Server 2016
  • Exchange Server 2019

Not only this, as these two vulnerabilities were also detected by NSA, and they have rated the vulnerability 9.8 out of 10.

According to them, these vulnerabilities are quite critical and harmful for the users. That’s why every customer must use Exchange Online rather than on-premise Exchange Servers.

While on the other side, ESET researchers have declared that nearly 10 different hacking groups were involved in this threat attack, and they are continuously taking advantage of the zero-day vulnerabilities.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.

Website

Latest articles

900+ websites Exposing 10M+ Passwords: Most in Plaintext

Over 900 websites inadvertently expose over 10 million passwords, many of which are in...

Hackers Exploiting Microsoft Office Templates to Execute Malicious Code

In a cyberattack campaign dubbed "PhantomBlu," hundreds of employees across various US-based organizations were...

How ANY.RUN Malware Sandbox Process IOCs for Threat Intelligence Lookup?

The database includes indicators of compromise (IOCs) and relationships between different artifacts observed within...

CryptoWire Ransomware Attacking Abuses Schedule Task To maintain Persistence

AhnLab security researchers detected a resurgence of CryptoWire, a ransomware strain originally prevalent in...

E-Root Admin Sentenced to 42 Months in Prison for Selling 350,000 Credentials

Tampa, FL – In a significant crackdown on cybercrime, Sandu Boris Diaconu, a 31-year-old...

WhiteSnake Stealer Checks for Mutex & VM Function Before Execution

A new variant of the WhiteSnake Stealer, a formidable malware that has been updated...

Researchers Hacked AI Assistants Using ASCII Art

Large language models (LLMs) are vulnerable to attacks, leveraging their inability to recognize prompts...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles