Cybersecurity agencies around the world continue to press IT departments running Microsoft Exchange on-prem to immediately update their servers or disconnect them from the internet as more reports emerge that recently-discovered vulnerabilities have been exploited by a threat actor in many countries.
On Saturday Microsoft released an updated script that scans Exchange log files for indicators of compromise associated with the vulnerabilities disclosed on March 2.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said there has been “widespread domestic and international exploitation of these vulnerabilities,” and strongly recommends organizations run the Microsoft script, called Test-ProxyLogon.ps1, as soon as possible to help determine if their systems are compromised.
In Canada, the federal government’s Canadian Centre for Cyber Security updated its alert to caution that neither interim nor recommended patching solutions fully protect systems that have been previously compromised. Exchange systems should be disconnected from the internet and thoroughly analyzed before patching.
Cybersecurity reporter Brian Krebs says his sources believe at least 30,000 organizations with Exchange servers across the United States — including a significant number of small businesses, towns, cities and local governments — have recently been hacked. Worldwide, “hundreds of thousands” of Exchange Servers are believed to have been compromised by the same Chinese-based gang Microsoft dubs Hafnium.
Microsoft has stated the following versions and cumulative updates (CU) to Exchange must be installed prior to the security update.
- Exchange Server 2010 (update requires SP 3 or any SP 3 RU – this is a Defense in Depth update)
- Exchange Server 2013 (update requires CU 23)
- Exchange Server 2016 (update requires CU 19 or CU 18)
- Exchange Server 2019 (update requires CU 8 or CU 7)
The latest information is available on Microsoft’s blog.
(This story has been updated from the original to include comments from Brian Krebs’ blog)