The flaw in Microsoft Exchange had already been exploited by hackers before Microsoft could release the necessary patches this month. Installing them should be a top priority, because it may already be too late.
This month, Microsoft fixed a critical vulnerability in Exchange Server through updates Patch Tuesday. Unfortunately, the cybercriminals had a mistake CVE-2024-21410 Until he found out. Zeroday allows hackers to remotely access an Exchange server without authentication and pretend to be a legitimate user. Microsoft warns that it has seen such attacks in the wild for some time.
Microsoft Exchange Server 2019 CU 14 and 13 are considered vulnerable, not as Exchange Server 2016 CU 23. Microsoft has now released patches for version 2019. Given the active abuse, high impact, and low complexity of the attack, patching should be an absolute priority.
reduce of
Users can also arm themselves with Extended authentication protection Or the Environmental Protection Agency. The patch automatically enables this additional security capability. Users of older Exchange versions can protect themselves by activating the function themselves using a file Powershell script.
Microsoft Exchange Server is a favorite target for hackers. Many organizations run their mail servers on-premises and do not use Exchange in the cloud. This means that the IT staff themselves are responsible for updates, which are often not installed. A study conducted at the end of last year showed that there are more than 10,000 vulnerable servers operating in Europe alone.
“Thinker. Coffeeaholic. Award-winning gamer. Web trailblazer. Pop culture scholar. Beer guru. Food specialist.”
More Stories
Resident Evil 9 will be revealed soon, and will be released in 2025
Olly Alexander reveals his Eurovision favourite: ‘I think he’ll win’ | RTL Street
New One UI 6.1 update, one of Samsung’s most popular software updates ever – Samsung Newsroom Belgium