Windows and Exchange Servers crash after March 2024 update
The latest Windows and Exchange Server update is causing domain controllers to crash. The problems occur on Windows Server 2016, Windows Server 2022, Exchange Server 2019 and Exchange Server 2016.
Several Windows administrators say they are experiencing outages on updated domain controllers. Th... Read more
28,500 Microsoft Exchange servers vulnerable
Update 20/02/2024 - 28,500 Microsoft Exchange servers have now been confirmed to be vulnerable to elevation of privilege. This puts affected organisations worldwide at significant risk, as many users are connected to Exchange for their work.
The attack surface may be even larger. Indeed, threat ... Read more
Exchange Online to block emails from “vulnerable” on-prem servers
Microsoft is enabling a new security feature to protect users from on-premise servers that have not updated their security.
Microsoft is enabling a new system for Exchange Online that will automatically start throttling and blocking emails sent from "persistently vulnerable Exchange servers" tha... Read more
Microsoft “strongly urges” admins to update their Exchange Servers
Unpatched servers make a tantalizing target for hackers, according to Microsoft.
This week Microsoft urged customers to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update (CU) to have them always ready to deploy an emergency security update.
Th... Read more
Researchers warn of increase in SSRF attacks on Microsoft Exchange
Bitdefender warns of an increase in cyberattacks on on-premises deployments of Microsoft Exchange Server 2013, 2016 and 2019.
The security company witnessed a recent rise in ProxyNotShell and OWASSRF, two tactics for attacks on Microsoft Exchange Server.
The tactics exploit two known vulnera... Read more
Cybercriminals hack Microsoft Exchange servers with zero-days
Microsoft confirms that cybercriminals are exploiting two zero-day vulnerabilities in Exchange Server 2013, 2016 and 2019.
The vulnerabilities allow cybercriminals to conduct remote code execution attacks. The bugs were discovered by GTSC. The security company published a mitigation guide. The ... Read more
New SessionManager malware attacks Exchange servers
Kaspersky researchers discovered a new malware variant that attacks Microsoft Exchange servers. 'SessionManager' installs a backdoor on affected systems. According to the researchers, mitigation is a difficult process.
Kaspersky notes that SessionManager has been active for 15 months. Some 34 s... Read more
Microsoft Exchange Server won’t get a new version until 2025
Microsoft Exchange Server won't get a new on-premises version until 2025. The latest version, Exchange Server 2019, will be supported throughout the coming years. This is made evident by an update in the development roadmap.
Microsoft gives the roadmap to inform on the developments of Exchange ... Read more
Microsoft Exchange Server under threat from ProxyShell vulnerabilities
ProxyShell refers to a trio of security flaws that have already been addressed by Microsoft. However, not all instances are patched yet. Attackers are scanning the internet for Microsoft Exchange Server instances without patches for the ProxyShell vulnerability.
Researchers have sounded the alar... Read more
Microsoft Exchange Server hacked, what are the consequences?
In the past few days, you may have seen some scary headlines. Tens of thousands of companies are at risk of being hacked because of vulnerabilities in Microsoft Exchange Server. The vulnerabilities are actively being abused. But what is really going on, and what are the risks?
On March 2, 2021, ... Read more