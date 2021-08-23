Microsoft Exchange servers under 'ProxyShell' attack

By on
Microsoft Exchange servers under 'ProxyShell' attack

Over 100 on-premises instances compromised.

Security researchers are urging administrators of Microsoft's Exchange to patch their instance as soon as feasible, due to widespread exploitation of the chained ProxyShell vulnerabilities.

Huntress Labs said over the weekend that it had tracked around 1900 of its clients' Exchange servers that had not been fully patched, and were at risk of exploitation.

Attackers are currently using the ProxyShell chain of vulnerabilities to install at least five different web shells to Microsoft Exchange servers.

Three separate vulnerabilities can be exploited through a transmission control protocol port, 445, to execute arbitrary commands on Exchange servers, without authentication.

Huntress Labs said administrators of on-premises Exchange Server 2019, 2016, and 2013 should patch their instances as soon as possible.

Failure to patch could put the servers at risk of ransomware attacks.

The ProxyShell vulnerabilities were discovered by. security researcher Orange Tsai who presented them at the annual Black Hat conference.

Security researcher Kevin Beaumont labelled the remote code execution exploit chain "as serious as they come" and warned that a major hacking campaign against Exchange servers is underway currently.

Beaumont said "it is clear that Microsoft are completely missing in action" and has published an Nmap scanning plug-in on Github to identify vulnerable Exchange servers.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
exchange huntress microsoft proxyshell security

Sponsored Whitepapers

Develop a resiliency strategy that integrates risk analysis & continuity management
Develop a resiliency strategy that integrates risk analysis & continuity management
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
Optimise your operations with APM and AI-Powered insights
Optimise your operations with APM and AI-Powered insights
Forrester Study: Understand the total economic impact of using IBM Cloud Pak&#8482; for Data
Forrester Study: Understand the total economic impact of using IBM Cloud Pak™ for Data
Technology skill development: The strategy for building better teams
Technology skill development: The strategy for building better teams

Events

Most Read Articles

JB Hi-Fi refurbishes 7500 'unsellable' handsets for staff, loan use

JB Hi-Fi refurbishes 7500 'unsellable' handsets for staff, loan use
Date set for second-level .au domain names launch

Date set for second-level .au domain names launch
Australian Federal Police investigates ASC subsea cable cut off Perth

Australian Federal Police investigates ASC subsea cable cut off Perth
CBA to send 100 roles including from its technology operations offshore

CBA to send 100 roles including from its technology operations offshore

Log In

Email:
Password:
  |  Forgot your password?