Tag Archives: Exchange

Exchange Server September 2021 CU (2021/09/28)

Posted on 2021-09-29 by guenni

[German]Microsoft has released the Exchange quarterly cumulative updates (CU) for September 2021, effective September 28. The quarterly cumulative updates (CUs) are available for Exchange Server 2016 and Exchange Server 2019. These CUs include fixes for customer-reported issues, all previously released … Continue reading

Posted in Software, Update | Tagged , | Leave a comment

Microsoft tries to register autodiscover domains

Posted on 2021-09-25 by guenni

[German]After a design error in the Autodiscover protocol used by Microsoft Exchange became public, Microsoft is now rushing to register all Autodiscover domains. This is because clients may leak access data from Exchange accounts to such Autodiscover domains via the … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Microsoft Exchange autodiscover design flaw leaks credentials to third party instances

Posted on 2021-09-23 by guenni

[German]Security researchers at Guardicore have discovered a design flaw in Microsoft Exchange autodiscover protocol that allows attackers to use external autodiscover domains to harvest domain credentials. This is possible because autodiscover domains outside the user's domain (but still in the … Continue reading

Posted in Security, Software, Windows | Tagged , | Leave a comment

Why you may not be able to decommission on-premises Exchange even with cloud solutions

Posted on 2021-09-12 by guenni

[German]If I understand correctly, many companies are moving towards the cloud. The hope is that once the on-premises Exchange functions are moved to the cloud in Exchange Online, the on-premises solutions will be gone. The other day I came across … Continue reading

Posted in Cloud, Windows | Tagged , , | Leave a comment

Exchange Server: Authentication bypass with ProxyToken

Posted on 2021-08-30 by guenni

[German]In the April 2021 cumulative updates, Microsoft fixed a vulnerability in its on-premises Exchange servers that allowed attackers to change configuration without authentication. This would have allowed an unauthenticated attacker to change the configuration for mailboxes of arbitrary users. This … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Exchange Server 2016-2019: Custom attributes in ECP no longer updatable after CU installation (July 2021)

Posted on 2021-08-29 by guenni

[German]The installation of the latest CUs from July 2021 for Microsoft Exchange Server bricks the ability to update custom attributes in the Exchange Control Panel (ECP). That is what some user reports suggest. This affects different on-premises Exchange versions. Here's … Continue reading

Posted in issue, Software | Tagged , , | Leave a comment

Exchange and ProxyShell: News from Microsoft and security experts

Posted on 2021-08-26 by guenni

[German]I have reported several times on attacks on unpatched on-premises Exchange servers using the ProxyShell method in the blog. Now Microsoft has commented on this in an article and indicates which systems are at risk. In addition, I have received … Continue reading

Posted in Security | Tagged , | Leave a comment

ProxyShell, ProxyLogon and Microsoft's contradictious Exchange doc for virus scan exceptions

Posted on 2021-08-25 by guenni

[German]On August 20, 2021, Microsoft published recommendations on the subject of virus protection for on-premises Microsoft Exchange Servers. Recommendations are also given there regarding the exclusion of certain folders from virus scanning. On the other hand, we are experiencing waves … Continue reading

Posted in Security, Software | Tagged , , | Leave a comment

Wave of attacks, almost 2,000 Exchange servers hacked via ProxyShell

Posted on 2021-08-22 by guenni

[German]I have been waiting for this for a long time, but now the feared has happened. Since Friday, there has been a massive wave of attacks on unpatched Microsoft Exchange servers via the ProxyShell vulnerability. Huntres has already discovered over … Continue reading

Posted in computer, Security, Software, Update | Tagged , , , | Leave a comment

Exchange Server: Update on ProxyShell vulnerabilities

Posted on 2021-08-10 by guenni

[German]Unknown thread actors are scanning the Internet for Microsoft Exchange servers that are updated to March 2021 and are not protected against the ProxyLogon vulnerability. CERT-Bund warns, and calls for patching. Meanwhile, there are advanced Sigma rules for administrators to … Continue reading

Posted in Security, Software, Windows | Tagged , , | Leave a comment