Friday, April 26, 2024

Microsoft Issues Emergency Patch as Chinese Hackers Exploiting Exchange Server Flaws

By Guru baran

Microsoft Issues Emergency Patch

The Microsoft Security Response Center yesterday released several security updates for Microsoft Exchange Server. These updates were targeted at addressing vulnerabilities that have been used in a few focused and targeted attacks.

Nature of vulnerabilities

The vulnerabilities have been deemed to be very critical in nature and Microsoft urges and advises its customers to update the affected systems without further delay to protect themselves against these attacks and to prevent further abuse of their systems.

Microsoft states that these vulnerabilities have affected only Microsoft Exchange Server and have not affected Exchange Online.

Vulnerabilities

Affected versions

  • Microsoft Exchange Server 2013  
  • Microsoft Exchange Server 2016  
  • Microsoft Exchange Server 2019 

Defense in Depth purpose updates is being carried out on Microsoft Exchange Server 2010.

HAFNIUM Targeting Exchange Servers

“Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed the installation of additional malware to facilitate long-term access to victim environments.”

Process and mitigating ways of vulnerabilities

The vulnerabilities were used as part of an attack chain. Initially, these attacks need to have the ability to make an untrusted connection to Exchange server port 443 which can be saved by either restricting the untrusted connections, or by setting up a VPN to separate the Exchange server from external access.

By using this proposed method of protection, one would only protect against the initial portion of the attack. But other portions of the chain can be triggered if an attacker already has access or can convince an administrator to run a malicious file.

Microsoft has asked its users to prioritize updating external-facing Exchange Servers and then moving on to update others.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.

Managed WAF Protection

Website

Latest articles

cyber security

Analyze Malicious Powershell Scripts by Running Malware in ANY.RUN Sandbox

Hackers exploit PowerShell, a built-in scripting tool on Windows (and sometimes Linux), to launch...
cyber security

Beware! Zero-click RCE Exploit for iMessage Circulating on Hacker Forums

A new cybersecurity threat has emerged as a zero-click remote code execution (RCE) exploit...
Cyber Attack

New DragonForce Ransomware Emerged From The Leaked LOCKBIT Builder

Hackers exploit LOCKBIT Builder due to its versatility in creating customized ransomware payloads which...
cyber security

JudgeO Online Code Editor Flaw Let Attackers Execute Code as Root User

A critical flaw has been identified in the popular online code editor, JudgeO.If...
Cyber Attack

Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Detections

Attackers are employing evasion techniques to bypass detection and extend dwell time on compromised...
Cisco

Alert! Cisco Releases Critical Security Updates to Fix 2 ASA Firewall 0-Days

Cisco has released critical security updates to address multiple vulnerabilities in its Adaptive Security...
cyber security

Pakistani APT Hackers Attacking Indian Govt Entities With Weaponized Shortcut Files

Cybersecurity experts at Seqrite Labs have reported a surge in cyberattacks against Indian government...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

WAAP/WAF ROI Analysis

Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

    • Book Your Spot

Related Articles

Connect with GBHackers On Security

Join 70,000 Security Professionals

Stay safe online with free daily cybersecurity updates. Sign up now!

GBHackers on security is a highly informative and reliable Cyber Security News platform that provides the latest and most relevant updates on Cyber Security News, Hacking News, Technology advancements, and Kali Linux tutorials on a daily basis. The platform is dedicated to keeping the community well-informed and up-to-date with the constantly evolving Cyber World.

Menu

Contact US:

Email : [email protected]