Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool

Microsoft’s Exchange Server team has released a script for IT admins to check if systems are vulnerable to recently disclosed zero-day bugs.

As noted in an alert published by the US Cybersecurity and Infrastructure Security Agency (CISA) on Saturday, Microsoft’s team has published a script on GitHub that can check the security status of Exchange servers. 

The script has been updated to include indicators of compromise (IOCs) linked to four zero-day vulnerabilities found in Microsoft Exchange Server. 

On March 2, the tech giant warned of the active exploitation of the zero-days by a state-sponsored Chinese threat group called Hafnium. FireEye’s Mandiant Managed Defense team has also tracked ongoing attacks against US organizations leveraging the bugs. So far, victims include local government entities, a university, and retailers.

“CISA is aware of widespread domestic and international exploitation of these vulnerabilities and strongly recommends organizations run the Test-ProxyLogon.ps1 script — as soon as possible — to help determine whether their systems are compromised,” the agency warns. 

Previously, CISA issued an emergency directive ordering federal agencies to examine their systems for any trace of suspicious activity and to apply patches provided by Microsoft immediately. 

Earlier this week, Microsoft revealed new malware families associated with the threat actors responsible for the compromise of SolarWinds. The Redmond giant believes the group behind the hack is Nobelium, Russian state-sponsored cyberattackers. 
