Microsoft Exchange Server ProxyShell Attacks: MSSPs and MSPs Must Patch Vulnerabilities

Cyberattacks in opposition to on-premises Microsoft Exchange Server e-mail methods proceed. MSSPs and MSPs that monitor, handle, help and/or safe the e-mail server for purchasers can both migrate to Microsoft 365 cloud providers — or patch ProxyShell vulnerabilities often known as CVE-2021-34473CVE-2021-34523, and CVE-2021-31207, in line with a CISA (Cybersecurity and Infrastructure Security Agency) alert.

The CISA alert, issued August 21, 2021, acknowledged:

“Malicious cyber actors are actively exploiting the next ProxyShell vulnerabilities: CVE-2021-34473CVE-2021-34523, and CVE-2021-31207. An attacker exploiting these vulnerabilities may execute arbitrary code on a susceptible machine. CISA strongly urges organizations to establish susceptible methods on their networks and instantly apply Microsoft’s Security Update from May 2021—which remediates all three ProxyShell vulnerabilities—to guard in opposition to these assaults.”

What the ProxyShell & Exchange Attacks Mean

Stated one other approach: The ProxyShell assault permits hackers to put in a backdoor for later entry and post-exploitation, according to Huntress, a supplier of MDR (managed detection and response) safety providers to MSPs.

For extra on the MSP and MSSP implications, see this ongoing update from Perch Security, an MDR and co-managed providers specialist owned by ConnectWise.

Microsoft Exchange Server: Popular Cyberattack Vector

Cyberattacks in opposition to Microsoft Exchange Server have generated repeated headlines, notably in calendar yr 2021.

Indeed, the United States and a number of allies in July 2021 blamed hackers associated with China’s government for numerous Microsoft Exchange Server cyberattacks and email hack. The hack, first reported in Q1 of 2021, impacted 1000’s of on-premises e-mail prospects, small companies, enterprises and authorities organizations worldwide.

Earlier alerts about Exchange Server cyberattacks embody :

  1. Microsoft Advisory: Multiple Security Updates Released for Exchange Server
  2. Microsoft Blog: HAFNIUM targeting Exchange Servers with 0-day exploits
  3. Microsoft GitHub Repository: CSS-Exchange
  4. CISA Alert from March 2021: Mitigate Microsoft Exchange Server Vulnerabilities
  5. CISA Emergency Directive 21-02: Mitigate Microsoft Exchange On-Premises Product Vulnerabilities

Related Posts