Microsoft warns users about two Exchange zero-day bugs exploited by attackers
Agencies
Synopsis
Due to two connected "zero-day" vulnerabilities, Microsoft email users are in danger of attack. The tech giant acknowledged that only a small number of targeted individuals had exploited these vulnerabilities but added that it was working to find solutions.
By ET Spotlight Special
Microsoft has revealed that "targeted attacks" utilize two Exchange servers' zero-day vulnerabilities.
It has been asserted that these problems also affect Exchange Server 2013, 2016, and 2019.
Microsoft pledged to provide a fix for these problems in a shorter amount of time. Microsoft asserted that it had provided consumers with mitigations and support for detections up until that point to aid their security.
Oliver Pinson-Roxburgh, CEO of the cybersecurity firm Defense.com, claims that the exploit attacks remind us of the "constant threat" cyberattacks represent. Additionally, Pinson-Roxburgh "applauded" Microsoft for acting "rapidly" to notify customers of the issue.
FAQs
Is the Microsoft account secure?
Microsoft prioritizes account security and attempts to prevent unauthorized sign-ins.
How are zero-day vulnerabilities found?
These are found either by the developer or by users when a program exhibits odd behavior.
(You can now subscribe to our Economic Times WhatsApp channel)
ADVERTISEMENT
The first weakness—a "server-side request forgery" vulnerability—and the second one allow remote code execution on a server when an attacker gains access to PowerShell. It has been asserted that these problems also affect Exchange Server 2013, 2016, and 2019.
GTSC Identified the Flaws First
The cybersecurity firm GTSC was the first to identify the flaws. This company claimed that leveraging the exploits could perform lateral motions to other servers and backdoor creation in affected systems.ADVERTISEMENT
Microsoft pledged to provide a fix for these problems in a shorter amount of time. Microsoft asserted that it had provided consumers with mitigations and support for detections up until that point to aid their security.
Microsoft Appreciated for Acting Quickly
The enthusiastic tech giant encouraged Exchange Server users to deny non-admin users remote PowerShell access.ADVERTISEMENT
Oliver Pinson-Roxburgh, CEO of the cybersecurity firm Defense.com, claims that the exploit attacks remind us of the "constant threat" cyberattacks represent. Additionally, Pinson-Roxburgh "applauded" Microsoft for acting "rapidly" to notify customers of the issue.
Kaspersky's Malware Attack
Kaspersky revealed that a piece of malware was backdooring Microsoft Exchange servers that were under the control of governments and other international organizations earlier this year.ADVERTISEMENT
FAQs
Is the Microsoft account secure?Microsoft prioritizes account security and attempts to prevent unauthorized sign-ins.
How are zero-day vulnerabilities found?
These are found either by the developer or by users when a program exhibits odd behavior.
(You can now subscribe to our Economic Times WhatsApp channel)
Disclaimer Statement: This content is authored by an external agency. The views expressed here are that of the respective authors/ entities and do not represent the views of Economic Times (ET). ET does not guarantee, vouch for or endorse any of its contents nor is responsible for them in any manner whatsoever. Please take all steps necessary to ascertain that any information and content provided is correct, updated, and verified. ET hereby disclaims any and all warranties, express or implied, relating to the report and any content therein.
