Running Microsoft Exchange – Please take note

A recently found Microsoft Exchange Server vulnerability has been discovered. The vulnerability affects onsite implementations and if exploited it could give an attacker unauthorized access to and control of the network which would exist even after applying the necessary patches.

There have already been South African companies who have fallen victim to this attack.

Microsoft have released a patch to address the vulnerability (KB5000871). It is important to note that exploitation is widespread and indiscriminate, as such The Cybersecurity and Infrastructure Security Agency (CISA) advices that everyone using Microsoft Exchange on-premise products must:

  • Check for signs of compromise;
  • Immediately patch Microsoft Exchange with the vendor released patch; and
  • Upgrade to the latest supported version of Microsoft Exchange.

Click here for more guidance from Microsoft

Response to indicators of compromise is essential to remote attackers already on your network and must be accomplished in conjunction with measures to secure the Microsoft Exchange environment. Patching an already compromised system will not be sufficient to mitigate this situation; therefore, CISA strongly encourages partners to immediately disconnect any Microsoft Exchange systems suspected of being compromised.

For additional information click here to read an article from one of our investigation partners, AVeS.

We urge brokers to notify their clients and clients to check and ensure that the patch management processes are robust and critical patches such as those being released by Microsoft are applied as soon as they can be.

Patching remains critical, perhaps now more than ever before.

At a gallop!

Unlike the art world, it was little more than a hundred years ago that the motoring industry began to experience...

1 March 2024

South Africa’s Renewable Energy Push Offers Huge Opportunities For Specialist Insurers

South Africa has embarked on a major renewable energy drive, partly because the national power utility Eskom is unable to...

28 February 2024

iTOO inks Partnership With Armata Cyber Security To Provide World-Class Cyber Security Solutions

iTOO Special Risks, a leading specialty insurer providing amongst others comprehensive cyber insurance solutions in South Africa, has concluded a...

8 February 2024