Lucene search

Microsoft Security Response CenterMSRC:9DA5AC102EA6224E027868594A8ED7B8

HistoryMar 16, 2021 - 7:00 a.m.

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-1607:00:00

Microsoft Security Response Center

link

0.975 High

EPSS

Percentile

100.0%

JSON

This guidance will help customers address threats taking advantage of the recently disclosed Microsoft Exchange Server on-premises vulnerabilities CVE-2021-26855, CVE-2021-26858, CVE-2021-26857, and CVE-2021-27065, which are being exploited. We strongly urge customers to immediately update systems. Failing to address these vulnerabilities can result in compromise of your on-premises Exchange Server and, potentially, other parts of your internal network.

msrc

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 07:00:00

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 18:44:28

securelist

Zero-day vulnerabilities in Microsoft Exchange Server

2021-03-04 17:20:57

Black Kingdom ransomware

2021-06-17 10:00:41

IT threat evolution Q1 2021

2021-05-31 10:00:37

impervablog

Imperva Observes Hive of Activity Following Hafnium Microsoft Exchange Disclosures

2021-03-26 15:06:38

malwarebytes

Patch now! Exchange servers attacked by Hafnium zero-days

2021-03-03 12:34:27

The top 5 most routinely exploited vulnerabilities of 2021

2022-04-29 16:28:20

Microsoft Exchange attacks cause panic as criminals go shell collecting

2021-03-09 19:59:37

attackerkb

CVE-2021-26857

2021-03-03 00:00:00

Multiple Microsoft Exchange zero-day vulnerabilities - ProxyLogon Exploit Chain

2023-12-29 00:00:00

CVE-2021-27065

2021-03-03 00:00:00

threatpost

Microsoft Exchange 0-Day Attackers Spy on U.S. Targets

2021-03-03 15:30:52

Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix

2021-03-16 16:56:26

Microsoft Exchange Servers See ProxyLogon Patching Frenzy

2021-03-24 18:39:26

ics

Mitigate Microsoft Exchange Server Vulnerabilities

2021-07-19 12:00:00

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

2022-10-05 12:00:00

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

2022-03-01 12:00:00

fireeye

Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities

2021-03-04 00:00:00

krebs

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

2021-03-02 21:19:17

carbonblack

TAU Threat Advisory: Microsoft Exchange Servers Targeted with Four Zero-day Exploits

2021-03-08 21:05:13

githubexploit

Exploit for Vulnerability in Microsoft

2021-03-05 08:22:07

Exploit for Vulnerability in Microsoft

2021-03-09 10:36:44

Exploit for Vulnerability in Microsoft

2021-03-11 21:18:29

thn

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange

2021-03-03 07:28:00

Microsoft Exchange Cyber Attack — What Do We Know So Far?

2021-03-08 10:15:00

Prometei Botnet Exploiting Unpatched Microsoft Exchange Servers

2021-04-23 07:42:00

hivepro

Have you patched the vulnerabilities in Microsoft Exchange Server?

2021-08-18 11:01:05

BackdoorDiplomacy targets the telecom industry in the Middle East

2022-12-08 07:20:51

AvosLocker Ransomware group has targeted 50+ Organizations Worldwide

2022-03-24 06:30:44

cisa

Microsoft Releases Out-of-Band Security Updates for Exchange Server

2021-03-02 00:00:00

mmpc

HAFNIUM targeting Exchange Servers with 0-day exploits

2021-03-02 21:07:53

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

mssecure

HAFNIUM targeting Exchange Servers with 0-day exploits

2021-03-02 21:07:53

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

2021-11-16 16:00:08

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

2022-09-07 21:00:00

talosblog

Threat Advisory: HAFNIUM and Microsoft Exchange zero-day

2021-03-08 10:18:43

What Talos Incident Response learned from a recent Qakbot attack hijacking old email threads

2022-07-27 12:00:00

akamaiblog

How Akamai Can Help You Fight the Latest Exploitation Attempts Against Microsoft Exchange

2021-03-15 22:30:00

Authentication: Lessons Learned from Microsoft Exchange and F5 BIG-IP Hacks

2021-03-24 14:00:00

Microsoft Exchange and Verkada Hacks: Isolate Your Apps and APIs from the Internet Cesspool

2021-03-15 22:15:00

rapid7blog

Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day

2021-03-03 00:41:04

Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange

2021-03-23 14:04:36

Mass Exploitation of Exchange Server Zero-Day CVEs: What You Need to Know

2021-03-03 19:23:42

nessus

Security Updates for Microsoft Exchange Server (March 2021)

2021-03-03 00:00:00

Security Update for Microsoft Exchange Server 2010 SP 3 (March 2021)

2021-03-04 00:00:00

Microsoft Exchange Server Authentication Bypass

2021-03-08 00:00:00

mskb

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 2, 2021 (KB5000871)

2021-03-02 08:00:00

Remove specific prevalent malware with Windows Malicious Software Removal Tool (KB890830)

2021-01-12 00:00:00

Description of the security update for Microsoft Exchange Server 2010 Service Pack 3: March 2, 2021 (KB5000978)

2021-03-02 08:00:00

checkpoint_advisories

Microsoft Exchange Server Remote Code Execution (CVE-2021-26857; CVE-2021-26858)

2021-03-02 00:00:00

Microsoft Exchange Server Remote Code Execution (CVE-2021-26855; CVE-2021-27065)

2021-03-02 00:00:00

kaspersky

KLA12103 ACE vulnerabilities in Microsoft Exchange Server

2021-03-02 00:00:00

qualysblog

Microsoft Exchange Server Zero-Days (ProxyLogon) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR

2021-03-03 22:12:19

Risk-based Remediation Powered by Patch Management in Qualys VMDR 2.0

2022-06-22 21:23:51

CISA Alert: Top 15 Routinely Exploited Vulnerabilities

2022-05-06 12:19:24

zdt

Microsoft Exchange ProxyLogon Remote Code Execution Exploit

2021-03-23 00:00:00

Microsoft Exchange 2019 - Unauthenticated Email Download Exploit

2021-05-21 00:00:00

Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) Exploit

2021-03-11 00:00:00

packetstorm

Microsoft Exchange ProxyLogon Collector

2021-05-21 00:00:00

Microsoft Exchange ProxyLogon Remote Code Execution

2021-03-23 00:00:00

Microsoft Exchange Proxylogon SSRF Proof Of Concept

2021-03-11 00:00:00

metasploit

Microsoft Exchange ProxyLogon Scanner

2021-03-07 13:37:20

Microsoft Exchange ProxyLogon RCE

2021-03-12 23:49:45

Microsoft Exchange ProxyLogon Collector

2021-03-09 19:52:01

nuclei

Microsoft Exchange Server SSRF Vulnerability

2021-03-06 07:00:59

Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting

2021-11-12 18:25:15

Exchange Server - Remote Code Execution

2021-08-10 07:59:06

exploitdb

Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit)

2021-05-21 00:00:00

Microsoft Exchange 2019 - Unauthenticated Email Download

2021-05-18 00:00:00

avleonov

Vulnerability Management news and publications #2

2022-08-14 11:30:44

Joint Advisory AA22-279A and Vulristics

2022-10-21 20:10:13

cvelist

CVE-2021-26858 Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 23:55:27

CVE-2021-26857 Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 23:55:26

CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 23:55:28

nvd

CVE-2021-26857

2021-03-03 00:15:12

CVE-2021-27065

2021-03-03 00:15:12

CVE-2021-26858

2021-03-03 00:15:12

prion

Remote code execution

2021-03-03 00:15:00

Remote code execution

2021-03-03 00:15:00

Remote code execution

2021-03-03 00:15:00

cisa_kev

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-11-03 00:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-11-03 00:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-11-03 00:00:00

hackerone

U.S. Dept Of Defense: SSRF due to CVE-2021-26855 on ████████

2021-03-07 11:31:33

U.S. Dept Of Defense: CVE-2021-26855 on ████████ resulting in SSRF

2021-03-07 11:37:32

saint

Microsoft Exchange Server ProxyLogon vulnerability

2021-03-19 00:00:00

Microsoft Exchange Server ProxyLogon vulnerability

2021-03-19 00:00:00

Microsoft Exchange Server ProxyLogon vulnerability

2021-03-19 00:00:00

cve

CVE-2021-26858

2021-03-03 00:15:12

CVE-2021-26855

2021-03-03 00:15:12

CVE-2021-26857

2021-03-03 00:15:12

wallarmlab

Web vulnerabilities exploit weekly digest #1. March 8-15th 2021. VMware vCenter and Apache OFBiz RCE.

2021-03-16 18:22:00

Weekly exploit digest – March, 15-21 – VMware View Planner, Win32k ConsoleControl, Microsoft Windows Containers DP API

2021-03-21 13:09:00

mscve

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

0.975 High

EPSS

Percentile

100.0%

JSON

Related for MSRC:9DA5AC102EA6224E027868594A8ED7B8