Microsoft Exchange Servers Still Open to Actively Exploited Flaw

30 September 2020

Over half of exposed Exchange servers are still vulnerable to a severe bug that allows authenticated attackers to execute code remotely with system privileges – even eight months after Microsoft issued a fix. The vulnerability in question (CVE-2020-0688) exists in the control panel of Exchange, Microsoft’s mail server and calendaring server. The flaw, which stems from the server failing to properly create unique keys at install time, was fixed as part of Microsoft’s February Patch Tuesday updates – and admins in March were warned that unpatched servers are being exploited in the wild by unnamed advanced persistent threat (APT) actors.

Read full article on Threat Post

Date:

30 September 2020

Categorie(s):

NEWS

Tag(s):

Flaws, Hacks, Microsoft, Security Pro, Servers

Cops cuff man for allegedly framing colleague with AI-generated hate speech clip25 April 2024
Ring dinged for $5.6M after, among other claims, rogue insider spied on ‘pretty girls’25 April 2024
After a 19-month saga, Broadcom finally patches Brocade SANnav bugs25 April 2024
Navigating the cyber seas: Clarity, compliance, and unified endpoint management 25 April 2024
Dropzone AI nabs $16.85M for its automated breach investigation platform25 April 2024