Home

All Versions of On-Premises Exchange Server Vulnerable to New Attack

Tony Redmond
MVP

 

A newly-discovered vulnerability in Exchange potentially allows attackers to gain control over Active Directory. Since Exchange 2000, Exchange has been a highly-privileged server that's tightly connected to Active Directory. Add in some NTLM weakness, Exchange Web Services push notifications, and everything comes together for the bad guys.

https://www.petri.com/exchange-server-vulnerable-new-attack

1 Reply
Fixing a Multi-Protocol Exchange Server Vulnerability No fix is available yet for the Exchange vulnerability reported by Dirk-jan Mollema and described in CVE-2018-8581. Apart from deploying a split permissions model, no out-of-the-box mitigation exists today. Microsoft is working actively to fix the problem and in the meantime, the brains of the Exchange community are hard at work to come up with possible solutions. https://www.petri.com/fixing-multi-protocol-exchange-server-vulnerability #Exchange #Vulnerability
Related Conversations
Windows Server 1809
Scott165 in Windows Server Insiders on
2 Replies
Outlook (365) Need Password - Issue
Muhammad Ali Khan in Office 365 on
21 Replies
Accessing a shared mailbox from a mobile device
Hexsysadmins in Office 365 on
14 Replies