Blogs
Links
Archives
Categories
Social networks
Awards
Sponsors
(Paypal-Donations)Recent Comments
- BradentonDeb2021 on Microsoft as a Security Risk? Azure vulnerability unpatched since March 2023, heavy criticism from Tenable – Part 2
- anon on Windows 11 22H2: Microsoft fix for file copy performance issues is coming
- EP on Windows: Edge 123.0.2420.65 update from March 2024 unintentionally brings co-pilot app; no "spy function"
- Natasha on Exchange Online: Microsoft confirms outgoing emails are rejected as spam (March 2024)
- mjit on Windows Server 2019: March 2024 update KB5035849 prevents printer redirection
Meta
Recent Comments
- BradentonDeb2021 on Microsoft as a Security Risk? Azure vulnerability unpatched since March 2023, heavy criticism from Tenable – Part 2
- anon on Windows 11 22H2: Microsoft fix for file copy performance issues is coming
- EP on Windows: Edge 123.0.2420.65 update from March 2024 unintentionally brings co-pilot app; no "spy function"
- Natasha on Exchange Online: Microsoft confirms outgoing emails are rejected as spam (March 2024)
- mjit on Windows Server 2019: March 2024 update KB5035849 prevents printer redirection
Archives
Categories
Meta
Tag Archives: Exchange
Microsoft has fixed an Exchange EWS issue from March 14, 2024 on Macs
[German]A small addendum from this week. A reader emailed me a few days ago to say that there was a problem with Microsoft Exchange in connection with a mail client with EWS. According to the reader's observations, this has been … Continue reading
Advertising
More than 28,500 Exchange servers vulnerable via CVE-2024-21410; more software affected?
[German]Since February 13, 2024, a vulnerability CVE-2024-21410 has been known, through which attackers can access NTLM hashes via Microsoft Exchange Server and then misuse them for NTLM relay or pass-the-hash attacks. I have now read that more than 28,500 Exchange … Continue reading
How to find weak passwords in Active Directory and eliminate them with PowerShell
[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...
Follow-up on CU 14 for Exchange 2019 and vulnerability CVE-2024-21410 (Feb. 2024)
[German]On February 13, 2024, a critical vulnerability CVE-2024-21410 in Microsoft Exchange Server became public. The Elevation of Privilege vulnerability has a CVEv3 score of 9.8 and is likely to be exploited (soon). Security authorities are warning about this vulnerability. However, … Continue reading
Advertising
Exchange Server Cumulative Update CU 14 (February 13, 2024)
[German]Microsoft has released the cumulative update CU 2024 H1 for Exchange Server 2019 on February 13, 2024. This update (CU 14) contains fixes for customer-reported issues, a security change and all previously released security updates (SUs). Advertising
Posted in Security, Software, Update
Tagged Exchange, Patchday 2.2024, Security, Update
Leave a comment
Microsoft identifies Russian attacker exploiting CVE-2023-23397 in Outlook to access Exchange accounts
[German]CVE-2023-23397 is a vulnerability in Microsoft Outlook that could be exploited in conjunction with Microsoft Exchange servers, which was closed with security updates in March 2023. Microsoft has now identified an attacker based in Russia who is actively exploiting CVE-2023-23397 … Continue reading
Advertising
20,000 unpatched Exchange servers accessible via the Internet (Dec. 2023)
[German]Looks like we're heading for the next cyberattack disaster. Network scans by security researchers have found around 20,000 Microsoft Exchange servers that are accessible via the internet and vulnerable to remote code attacks. The Exchange servers are located in Asia, … Continue reading
Exchange Server security updates (November 14, 2023)
[German]Microsoft has released security updates for Exchange Server 2016 and Exchange Server 2019 on November 14, 2023. These security updates close vulnerabilities in this software. The updates should be installed on the systems promptly to close the vulnerabilities in question. … Continue reading
Posted in Security, Software, Update
Tagged Exchange, patchday 11-2023, Security, Update
Leave a comment
Microsoft Exchange: Four 0-day Exchange vulnerabilities allows RCE attacs and data thief
[English]Trend Micro's Zero Day Initiative (ZDI) has just published four unpatched vulnerabilities (so-called 0-Days) in Microsoft Exchange. These were reported to Microsoft in September 2023 and ZDI classifies them with CVSS scores of 7.1 to 7.5. Microsoft's security experts do … Continue reading
Advertising
Microsoft Exchange Server October 2023 Patchday issues
[German]As of October 10, 2023, Microsoft has indeed released security updates (SU) for on-premises Exchange Server 2016 / 2019. These pick up the August 2023 patches, but may cause problems with Exchange installations. For example, there may be installation error … Continue reading
Exchange Active Sync-Bug in iOS 17.0.3
[German]Brief note to administrators who manage mobile devices with a mail connection to Microsoft's Exchange. A reader informed me about an annoying bug in iOS 17.0.3, which leads to problems with the appointment management (appointment commitments are delivered multiple times). … Continue reading