The National Security Agency alerted Microsoft yesterday to a fresh batch of critical vulnerabilities that hackers could exploit to remotely compromise Exchange Server, Microsoft's email server software. While Microsoft reports that it has not seen the vulnerabilities used in attacks against customers, the news comes at a time of heightened concern over vulnerabilities in Exchange Server.
Hybrid identity expert Sean Deuby of Semperis believes threat actors can (and will) reverse engineer these patches and come up with exploits as quickly as they can, so it’s important for organizations to act now.
“It’s reasonable to assume that, after the previous set of Exchange Server vulnerabilities were discovered, NSA embarked on a detailed security evaluation of the product to uncover this latest set of vulnerabilities. The good news, relatively speaking, is that this is a proactive situation: NSA and Microsoft discovered these vulnerabilities before the threat actors did.
“But the window to patch is extremely short: Threat actors will reverse engineer these patches and come up with exploits as quickly as they can. Fortunately, organizations have just been through this fire drill and should be able to quickly deploy these latest updates.”