Running Microsoft Exchange – Please take note

A recently found Microsoft Exchange Server vulnerability has been discovered. The vulnerability affects onsite implementations and if exploited it could give an attacker unauthorized access to and control of the network which would exist even after applying the necessary patches.

There have already been South African companies who have fallen victim to this attack.

Microsoft have released a patch to address the vulnerability (KB5000871). It is important to note that exploitation is widespread and indiscriminate, as such The Cybersecurity and Infrastructure Security Agency (CISA) advices that everyone using Microsoft Exchange on-premise products must:

  • Check for signs of compromise;
  • Immediately patch Microsoft Exchange with the vendor released patch; and
  • Upgrade to the latest supported version of Microsoft Exchange.

Click here for more guidance from Microsoft

Response to indicators of compromise is essential to remote attackers already on your network and must be accomplished in conjunction with measures to secure the Microsoft Exchange environment. Patching an already compromised system will not be sufficient to mitigate this situation; therefore, CISA strongly encourages partners to immediately disconnect any Microsoft Exchange systems suspected of being compromised.

For additional information click here to read an article from one of our investigation partners, AVeS.

We urge brokers to notify their clients and clients to check and ensure that the patch management processes are robust and critical patches such as those being released by Microsoft are applied as soon as they can be.

Patching remains critical, perhaps now more than ever before.

Understanding the different types of cyberbullying to create safer online spaces

Despite the countless benefits that technology brings to our daily lives, the digital age also has a dark side, enabling...

15 May 2024

The Reality of Cyberbullying in South Africa – Trends, Warning Signs and Consequences

The rise of social media and digital communication channels has facilitated the spread of cyberbullying, with platforms such as Facebook...

14 March 2024

iTOO unveils new ‘game-changing’ aviation launch into South Africa

iTOO Special Risks has unveiled the launch of its aviation insurance offering – which it describes as a game-changer for the...

14 March 2024