4/1/2023 0 Comments Msert infected filesThis is likely to increase now, as I came across the following tweet.Ī security researcher has published on Microsoft's GitHub platform his proof of concept (PoC) for the Exchange vulnerabilities (this is not a working exploit, mind you). I had already pointed out in the blog post Exchange hack: new victims, new patches, new attacks that at least ten threat actors are attacking unpatched Exchange systems that are accessible via the Internet (port 443). Somewhat off-topic, Microsoft has removed information on some SSUs under ADV990001, as they have since been integrated into the cumulative updates for Windows 10 2004/20H2 as well as their server counterparts. I got also the feedback from my German blog readers, that these updates has arrived on WSUS. This includes Exchange Server 2019, CU1 and CU2, and Exchange Server 2016 CU 8, CU 9, CU10 and CU11. So, Microsoft has released the final set of security updates for vulnerabilities CVE-2021-27065, CVE-2021-26855, CVE-2021-26857 and CVE-2021-26858 for several cumulative updates (CU) for Exchange Server that are no longer supported. Microsoft strongly recommends that customers update to the latest supported cumulative Customers who want to be protected from these vulnerabilities canĪpply these updates if they are not Exchange Server on a supported cumulative update. – Reason for Revision: Microsoft is releasing the final set of security updates forĬVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for severalĬumulative Updates that are out of support, including Exchange Server 2019, CU1Īnd CU2 and Exchange Server 2016 CU 8, CU 9, CU10, and CU11. – Microsoft Exchange Server Remote Code Execution Vulnerability
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |