La vulnerabilidad de Exchange que compromete los servidores para ataques futuros: cómo funciona y sus posibles parches xataka.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from xataka.com Daily Mail and Mail on Sunday newspapers.
Mar 14, 2021 11:40 EDT with 0 comments
A bit of a printer mishap with Patch Tuesday, the ZeniMax acquisition now being official, and a farewell to Legacy Edge were all things that happened this week. You can find info about that, as well as much more below, in your Microsoft digest for the week of March 7 – 13.
Patch Tuesday woes
To the surprise of perhaps very few, Microsoft pushed out the main set of security updates to its supported variants of Windows right on cue, on the second Tuesday of the month. If you’re on a Windows 10 system, these updates are:
May 2020 Update /
Mar 7, 2021 10:52 EST with 0 comments
The week brought everything from Ignite news aplenty – as expected – to a rather serious set of Exchange on-prem vulnerabilities, and the usual Windows Insider builds. You can find info about that, as well as much more below, in your Microsoft digest for the week of February 28 – March 6.
An unfortunate Exchange
CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065, otherwise known as the set of vulnerabilities in Exchange on-premises servers that were used by state-sponsored Chinese hacking group HAFNIUM in its attacks this week (and the days prior).
While news of the exploits started circulating at the beginning of the year, the vulnerability chaining did not happen until earlier this week. Microsoft has outlined a number of Indicators of Compromise (or IOCs), along with pushing out out-of-band patches for all affected Exchange on-prem servers - versions 2013 through to 2019. The company has urged admins to
minute read
Share this article:
A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack.
The Mimecast certificate compromise reported earlier in January is part of the sprawling SolarWinds supply-chain attack, the security firm has confirmed.
Mimecast joins other cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys in being targeted in the attack.
A Mimecast-issued certificate used to authenticate some of the company’s products to Microsoft 365 Exchange Web Services had been “compromised by a sophisticated threat actor,” the email-protection company announced in mid-January. That caused speculation that the breach was related to SolarWinds, which the firm confirmed in an update this week.