The update applies only the security patches and no other fixes. March 8 Update: Microsoft made an update available for selected versions of Exchange 2016 and Exchange 2019. March 7 Update: Microsoft published an article describing issues encountered when applying security updates to Exchange Server. More detail about the patching process is available in the Exchange team blog and this presentation from Microsoft EMEA support. Remember to install the updates using an account with administrator permissions (will prevent problems with OWA and ECP virtual directories) and always reboot servers once they’re updated. It’s recommended that you disable anti-virus products before attempting to install these updates.
This is an out-of-band update for an unsupported server to ensure that organizations have defense in depth.
The Microsoft Security Response Center (MSRC) noted that “ These vulnerabilities are used as part of an attack chain. Microsoft recommends that on-premises customers follow their published guidance to protect Exchange servers. While this attack is against on-premises servers, MSTC say that they have observed HAFNIUM “ interacting with victim Office 365 tenants.”Īmongst other issues, the identified vulnerabilities allow attackers to dump the LSASS process memory, use PowerShell to export mailbox data, download the OAB. As described in their blog, attackers “ used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments.” The attack is attributed to HAFNIUM, a group believed by Microsoft to be state-sponsored and operating out of China. On March 2, the Microsoft Threat Intelligence Center (MSTIC) issued details of multiple day-zero exploits in active use against on-premises Exchange servers.
Install Patches for Exchange 2010, 2013, 2016, and 2019 ASAP
0 kommentar(er)
