Jump to content

Fresh Round of Microsoft Exchange Exploits Patched (Thanks NSA!)

KnotRolls
By KnotRolls
in Tech News
 Share
Posted

Summary

There's a been a fresh wave of Exchange server exploits just a month after the last round of well publicized Hafnium exploits. Microsoft has released their usual round of Patch Tuesday which included 19 critical patches plus a variety of others.

 

Quotes

Quote

April showers bring hours of patches as Microsoft delivers its Patch Tuesday fun-fest consisting of over a hundred CVEs, including four Exchange Server vulnerabilities reported to the company by the US National Security Agency (NSA).

 

Among the vulnerabilities, four have been publicly disclosed and a fifth is being actively exploited. Nineteen of the CVEs have been designated critical.

 

"NSA urges applying critical Microsoft patches released today, as exploitation of these #vulnerabilities could allow persistent access and control of enterprise networks," the signals intelligence agency said via Twitter.

Pointing to the two 9.8 severity Exchange flaws, Dustin Childs, director of communications for the Zero Day Initiative, in a blog post said, "Both code execution bugs are unauthenticated and require no user interaction. Since the attack vector is listed as 'Network,' it is likely these bugs are wormable – at least between Exchange servers."

 

My thoughts

I think this is noteworthy beyond the usual cycle of Microsoft patch notes due to the active exploitation going on just a month after the Hafnium news was released. The FBI going and patching the servers effected by last months patched vulnerabilities made more of a headline which is fair but some admins may think "we've just patched in March we'll be fine for a while" and not realize there's a fresh wave of exploits needing patching, especially those that only do quarterly or biannual patches.

 

I realized this was a fairly juicy exploit when our MSP not only emailed but called to make sure people were aware of this second round of exploits in the wild.

 

Sources

 

Released: April 2021 Exchange Server Security Updates - Microsoft Tech Community

NSA helps out Microsoft with critical Exchange Server vulnerability disclosures in an April shower of patches • The Register

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

It's nice to see that the NSA actually helps protect people rather than develop and hoard troves of exploits for their own gains.

I mean... They probably still do that, but at least they are sharing info about these really big, wormable, secuirty issues.

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×