July 14, 2025
Trending News

Critical flaw in Microsoft Exchange being exploited for patch release

  • February 15, 2024
  • 0

A flaw in Microsoft Exchange was already being exploited by hackers before Microsoft could release the necessary patches this month. Installing them should be a top priority as

Microsoft Exchange

A flaw in Microsoft Exchange was already being exploited by hackers before Microsoft could release the necessary patches this month. Installing them should be a top priority as it may already be too late.

This month, Microsoft released updates to fix a dangerous vulnerability in Exchange Server Patch Tuesday. Unfortunately, cyber criminals had already discovered the CVE-2024-21410 error. The zeroday allows hackers to remotely access the Exchange Server without authentication and impersonate a legitimate user. Microsoft warns that such attacks have been in the wild for some time.

Microsoft Exchange Server 2019 CU 14 and 13 are vulnerable, unlike Exchange Server 2016 CU 23. Microsoft has now rolled out patches for version 2019. Given the active abuse, high impact, and low sophistication of the attack, patching should be an absolute priority.

Mitigate

Users can also arm themselves Advanced protection for authentication or EPA. The patch automatically activates this additional security capacity. Users of older Exchange versions can protect themselves by enabling the functionality themselves using a PowerShell script.

Microsoft Exchange Server is a popular target for hackers. Too many organizations run their mail servers locally and don’t use Exchange in the cloud. This means IT staff are responsible for updates that all too often don’t get installed. A study late last year found that there are more than 10,000 vulnerable servers running in Europe alone.

Source: IT Daily

Leave a Reply

Your email address will not be published. Required fields are marked *

Exit mobile version