cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

All Versions of On-Premises Exchange Server Vulnerable to New Attack

Tony Redmond
MVP

‎Jan 25 2019 09:59 AM

‎Jan 25 2019 09:59 AM

All Versions of On-Premises Exchange Server Vulnerable to New Attack

 

A newly-discovered vulnerability in Exchange potentially allows attackers to gain control over Active Directory. Since Exchange 2000, Exchange has been a highly-privileged server that's tightly connected to Active Directory. Add in some NTLM weakness, Exchange Web Services push notifications, and everything comes together for the bad guys.

https://www.petri.com/exchange-server-vulnerable-new-attack

Labels:
1,320 Views
0 Likes
1 Reply
Reply
1 Reply
Tony Redmond

‎Jan 29 2019 05:34 AM

‎Jan 29 2019 05:34 AM

RE: All Versions of On-Premises Exchange Server Vulnerable to New Attack

Fixing a Multi-Protocol Exchange Server Vulnerability No fix is available yet for the Exchange vulnerability reported by Dirk-jan Mollema and described in CVE-2018-8581. Apart from deploying a split permissions model, no out-of-the-box mitigation exists today. Microsoft is working actively to fix the problem and in the meantime, the brains of the Exchange community are hard at work to come up with possible solutions. https://www.petri.com/fixing-multi-protocol-exchange-server-vulnerability #Exchange #Vulnerability
0 Likes
Reply