

| where csUriStem = “/autodiscover/autodiscover.

The security update from April has fixes for two of the vulnerabilities and the third was patched in May. Microsoft recommend using their Exchange Server Health Checker script to get an inventory of server patch levels. The following products may be vulnerable if unpatched.

Current estimates point to around 400,000 vulnerable machines exposed to the Internet.

What is the impact?

According to the security researcher, Orange Tsai, “These attack vectors enable any unauthenticated attacker to uncover plaintext passwords and even execute arbitrary code on Microsoft Exchange Servers through port 443”

Are my systems vulnerable?

if F-Secure Anti-Virus for Microsoft Exchange is installed with the product.

Following the presentation, active scanning for vulnerable servers has been observed.

WithSecure Email and Server Security : Configure Email storage scanning.

Researchers presenting at the Black Hat 2021 security conference have released further details on Exchange vulnerabilities from April.
