Patch your Microsoft Exchange deployments now, users warned

DMCA / Correction Notice
- Advertisement -

Cyber ​​security Researchers have published proof-of-concept (PoC) code for an actively exploited high-severity vulnerability in Microsoft Exchange Server that Microsoft has already settled In November 2021 Patch Tuesday.

- Advertisement -

Successful exploitation of vulnerability in popular hosted email server, tracked as CVE-2021-42321, enables authenticated attackers to execute code remotely on Microsoft Exchange Server 2016 and Exchange Server 2019 installations.

Nearly two weeks after Microsoft’s release of the patch, a Vietnamese security researcher who goes by the moniker Janggggg has released a PoC exploit for the bug, which should encourage administrators to patch their vulnerable installations .

Techradar needs you!

We’re looking at how our readers use a VPN with streaming sites like Netflix so we can improve our content and offer better advice. This survey will take you no more than 60 seconds, and we would greatly appreciate it if you shared your experiences with us.

>> Click here to start survey in new window <

- Advertisement -

“This POC [will] Just pop mspaint.exe on the target, [and] may be used[d] To recognize the signature pattern of a successful attack event,” tweeted Researchers sharing POC.

functional POC

reporting on development, bleeding computer Shares that admins can use Exchange Server Health Checker Script To generate a list of all vulnerable Exchange servers in your network that need to be patched against CVE-2021-42321.

according to microsoft, is caused by improper verification of security flaw cmdlet arguments, and come on the heels of two major malicious exchange-focused campaigns that targeted separate, but related vulnerabilities known to proxy logon And proxyshell,

Although all the issues have been resolved, the new PoC has once again created an opportunity for threat actors to go for unpatched servers.

While researchers waited a few weeks after the patch was released to free up PoC to help security researchers understand the flaw, its release was designed as a way for sluggish administrators to patch their on-premises Exchange servers. Should serve as a reminder. and delay.

Make sure your system remains secure and up to date by using one of these Best Patch Management Tools

- Advertisement -

Stay on top - Get the daily news in your inbox

Recent Articles

Related Stories