Second, it would create what's called a web shell to control the compromised server remotely. Tom Burt, a Microsoft corporate vice president, described in a blog post last week how an attacker would go through multiple steps:įirst, it would gain access to an Exchange Server either with stolen passwords or by using the previously undiscovered vulnerabilities to disguise itself as someone who should have access. Microsoft said the main group exploiting vulnerabilities is a nation-state group based in China that it calls Hafnium.Īttacks on the Exchange software started in early January, according to security company Volexity, which Microsoft gave credit to for identifying some of the issues. Hackers had initially pursued specific targets, but in February they started going after more servers with the vulnerable software that they could spot, Krebs wrote.Īre people exploiting the vulnerabilities? "That means the vulnerabilities the attackers exploited have been in the Microsoft Exchange Server code base for more than 10 years," security blogger Brian Krebs wrote in a Monday blog post.
Microsoft office 365 home premium what happens after 1 year Patch#
Microsoft also took the unusual step of issuing a patch for the 2010 edition, even though support for it ended in October. Generally, Microsoft releases updates on Patch Tuesday, which occurs on the second Tuesday of each month, but the announcement about attacks on the Exchange software came on the first Tuesday, emphasizing its significance.
0 kommentar(er)
