Microsoft “strongly urges” admins to update their Exchange Servers
Unpatched servers make a tantalizing target for hackers, according to Microsoft.
This week Microsoft urged customers to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update (CU) to have them always ready to deploy an emergency security update.
Th... Read more
Researchers warn of increase in SSRF attacks on Microsoft Exchange
Bitdefender warns of an increase in cyberattacks on on-premises deployments of Microsoft Exchange Server 2013, 2016 and 2019.
The security company witnessed a recent rise in ProxyNotShell and OWASSRF, two tactics for attacks on Microsoft Exchange Server.
The tactics exploit two known vulnera... Read more
Cybercriminals hack Microsoft Exchange servers with zero-days
Microsoft confirms that cybercriminals are exploiting two zero-day vulnerabilities in Exchange Server 2013, 2016 and 2019.
The vulnerabilities allow cybercriminals to conduct remote code execution attacks. The bugs were discovered by GTSC. The security company published a mitigation guide. The ... Read more
New SessionManager malware attacks Exchange servers
Kaspersky researchers discovered a new malware variant that attacks Microsoft Exchange servers. 'SessionManager' installs a backdoor on affected systems. According to the researchers, mitigation is a difficult process.
Kaspersky notes that SessionManager has been active for 15 months. Some 34 s... Read more
Microsoft Exchange Server won’t get a new version until 2025
Microsoft Exchange Server won't get a new on-premises version until 2025. The latest version, Exchange Server 2019, will be supported throughout the coming years. This is made evident by an update in the development roadmap.
Microsoft gives the roadmap to inform on the developments of Exchange ... Read more
Microsoft Exchange Server under threat from ProxyShell vulnerabilities
ProxyShell refers to a trio of security flaws that have already been addressed by Microsoft. However, not all instances are patched yet. Attackers are scanning the internet for Microsoft Exchange Server instances without patches for the ProxyShell vulnerability.
Researchers have sounded the alar... Read more
Microsoft Exchange Server hacked, what are the consequences?
In the past few days, you may have seen some scary headlines. Tens of thousands of companies are at risk of being hacked because of vulnerabilities in Microsoft Exchange Server. The vulnerabilities are actively being abused. But what is really going on, and what are the risks?
On March 2, 2021, ... Read more