Microsoft Exchange Server ProxyShell Attacks: MSSPs and MSPs Must Patch Vulnerabilities

by Joe Panettieri • Aug 23, 2021

Cyberattacks in opposition to on-premises Microsoft Exchange Server e-mail methods proceed. MSSPs and MSPs that monitor, handle, help and/or safe the e-mail server for purchasers can both migrate to Microsoft 365 cloud providers — or patch ProxyShell vulnerabilities often known as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, in line with a CISA (Cybersecurity and Infrastructure Security Agency) alert.

The CISA alert, issued August 21, 2021, acknowledged:

“Malicious cyber actors are actively exploiting the next ProxyShell vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. An attacker exploiting these vulnerabilities may execute arbitrary code on a susceptible machine. CISA strongly urges organizations to establish susceptible methods on their networks and instantly apply Microsoft’s Security Update from May 2021—which remediates all three ProxyShell vulnerabilities—to guard in opposition to these assaults.”

What the ProxyShell & Exchange Attacks Mean

Stated one other approach: The ProxyShell assault permits hackers to put in a backdoor for later entry and post-exploitation, according to Huntress, a supplier of MDR (managed detection and response) safety providers to MSPs.

For extra on the MSP and MSSP implications, see this ongoing update from Perch Security, an MDR and co-managed providers specialist owned by ConnectWise.

Microsoft Exchange Server: Popular Cyberattack Vector

Cyberattacks in opposition to Microsoft Exchange Server have generated repeated headlines, notably in calendar yr 2021.

Indeed, the United States and a number of allies in July 2021 blamed hackers associated with China’s government for numerous Microsoft Exchange Server cyberattacks and email hack. The hack, first reported in Q1 of 2021, impacted 1000’s of on-premises e-mail prospects, small companies, enterprises and authorities organizations worldwide.

Earlier alerts about Exchange Server cyberattacks embody :

Microsoft Advisory: Multiple Security Updates Released for Exchange Server
Microsoft Blog: HAFNIUM targeting Exchange Servers with 0-day exploits
Microsoft GitHub Repository: CSS-Exchange
CISA Alert from March 2021: Mitigate Microsoft Exchange Server Vulnerabilities
CISA Emergency Directive 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

What the ProxyShell & Exchange Attacks Mean

Microsoft Exchange Server: Popular Cyberattack Vector

Related Posts

How to Fix It When Outlook Keeps Asking for a Password

Hillary Clinton’s email server is why this race is still close

Judicial Watch Settles Historic Hillary Clinton Email Lawsuit!

Email Hosting Services Market Rewriting Long Term Growth Story As Revealed In New Report

But Their Emails: Republicans React to Their Own Email Scandal

Dedicated SMTP Server For Bulk Mailing | By Time4Servers | by Time4Servers Technologies | Apr, 2024