Software

Critical Exploit for Microsoft Exchange

If you are running Microsoft Exchange on-premise (you host it instead of Exchange Online through Microsoft), apply the ...


If you are running Microsoft Exchange on-premise (you host it instead of Exchange Online through Microsoft), apply the patch for your version found here. This patch will require a reboot of the server.  Microsoft has released information that this attack is in active use by attackers.  The attack allows them to run remote code on your server and add administrator accounts or install malware without the need to authenticate.

If you're one of our clients there's nothing to worry about.  We've already taken care of this for you and we're monitoring your servers.

If you're not one of our clients, reach out to us and we'll be happy to discuss how we can help you.

More information:
Volexity - https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/
Microsoft - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855
Microsoft - https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

Similar posts