Microsoft Exchange – Page 2

Microsoft Exchange Vulnerabilities: Zero-Days Pave Way for Remote Code Execution

Posted on November 6, 2023 by Rabia Noureen

Trend Micro’s Zero Day Initiative (ZDI) has disclosed four zero-day vulnerabilities in Microsoft Exchange. The security flaws could enable threat actors to run arbitrary code and disclose sensitive information on victims’ machines. According to ZDI, the critical vulnerabilities were reported to Microsoft in September 2023, with CVSS scores ranging from 7.1 to 7.5. Surprisingly, Microsoft’s…

The post Microsoft Exchange Vulnerabilities: Zero-Days Pave Way for Remote Code Execution appeared first on Petri IT Knowledgebase.

Continue reading Microsoft Exchange Vulnerabilities: Zero-Days Pave Way for Remote Code Execution→

Microsoft fixes exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)

Posted on October 10, 2023 by Zeljka Zorz

On this October 2023 Patch Tuesday, Microsoft has released 103 patches and has fixed three actively exploited vulnerabilities (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487). The exploited zero-days (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487) CVE… Continue reading Microsoft fixes exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)→

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)

Posted on September 12, 2023 by Zeljka Zorz

September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and Microsoft Streaming Service Proxy (CVE-2023-36802). Microsoft vulnerabilities of … Continue reading Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)→

August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ

Posted on August 8, 2023 by Zeljka Zorz

August 2023 Patch Tuesday is here; among the 76 CVE-numbered issues fixed by Microsoft this time around is a DoS vulnerability in .NET and Visual Studio (CVE-2023-38180) for which proof-of-exploit code exists. Other than the fact that a patch is availa… Continue reading August 2023 Patch Tuesday: Microsoft fixes critical bugs in Teams, MSMQ→

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database

Posted on July 26, 2023 by Help Net Security

Time is of the essence when it comes to recovery after Exchange Server failure or database corruption, as organizations depend on emails for their day-to-day business communication. The more the delay in restoring services and recovering data, the high… Continue reading Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database→

June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange

Posted on June 13, 2023 by Zeljka Zorz

For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly known before today! Microsoft has previously fixed CVE-2023-3079, a type confusi… Continue reading June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange→

APT trends report Q1 2023

Posted on April 27, 2023 by GReAT

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. Continue reading APT trends report Q1 2023→

APT trends report Q1 2023

Posted on April 27, 2023 by GReAT

Microsoft patches zero-day exploited by attackers (CVE-2023-28252)

Posted on April 11, 2023 by Zeljka Zorz

It’s April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day (CVE-2023-28252). About CVE-2023-28252 CVE-2023-28252 is a vulnerability in the Windows Common Log File… Continue reading Microsoft patches zero-day exploited by attackers (CVE-2023-28252)→

Exchange Online will soon start blocking emails from old, vulnerable on-prem servers

Posted on March 28, 2023 by Zeljka Zorz

Slowly but surely, Microsoft aims to make it impossible for unsupported and/or unpatched on-prem Microsoft Exchange servers to use the company’s Exchange Online hosted cloud service to deliver email. Blocking potentially malicious emails from rea… Continue reading Exchange Online will soon start blocking emails from old, vulnerable on-prem servers→