Patch your Microsoft Exchange deployments now, users warned

Cybersecurity researchers have revealed a proof-of-concept (PoC) code for an actively exploited excessive severity vulnerability in Microsoft Exchange servers that Microsoft has already patched within the November 2021 Patch Tuesday.

Successful exploitation of the vulnerability within the in style hosted email server, tracked as CVE-2021-42321, allows authenticated attackers to execute code remotely on Microsoft Exchange Server 2016 and Exchange Server 2019 installations.

Almost two weeks after the discharge of Microsoft’s patch, a Vietnamese safety researcher who goes by the moniker Janggggg, has launched a PoC exploit for the bug, which ought to additional incentivize admins to patch their weak installations.

“This PoC [will] simply pop mspaint.exe on the goal, [and] could be use[d] to acknowledge the signature sample of a profitable assault occasion,” tweeted the researcher whereas sharing the PoC.

Functional PoC

Reporting on the event, BleepingComputer shares that admins can use the Exchange Server Health Checker script to generate a listing of all weak Exchange servers of their community that must be patched towards CVE-2021-42321.

According to Microsoft, the safety flaw is attributable to improper validation of cmdlet arguments, and comes on the heels of two main malicious Exchange-centric campaigns, which have focused totally different, however associated vulnerabilities often known as ProxyLogon and ProxyShell.

Although the problems have all been patched, the brand new PoC has as soon as once more created a chance for risk actors to go after unpatched servers.

While the researcher did await a few weeks after the discharge of the patch to unleash the PoC in a bid to assist safety researchers perceive the flaw, its launch ought to function a reminder for torpid admins to patch their on-premise Exchange servers with out additional delay.

Ensure your programs stay safe and up to date utilizing one in all these best patch management tools

https://www.techradar.com/information/patch-your-microsoft-exchange-deployments-now-users-warned

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Related Posts

Former FBI Deputy Director Andrew McCabe finds ‘nauseating similarities’ between Biden special counsel report and Hillary Clinton email case

How to avoid malware on Linux systems

St. Louis police, special prosecutor seize email server from Circuit Attorney Kim Gardner’s office

US says Russian hackers stole federal government emails during Microsoft cyberattack

How to Specify a Preferred SMTP Server on a Mac

Hillary Clinton broke law with private email server – top US govt watchdog • The Register