Microsoft Releases Script for Exchange Server Vulnerability

Microsoft Releases Script to Check for Traces of Intrusion Related to Exchange Server Vulnerability

Microsoft’s Exchange Server team released a script on March 6 that IT administrators can use to determine whether they were affected by a zero-day vulnerability recently revealed in the product.

As announced by the US Cybersecurity and Infrastructure Security Agency (CISA), Microsoft’s team has posted the latest script on GitHub to check the security status of Exchange Server.

The script has been updated to include indicators of compromise (IoCs) related to four zero-day vulnerabilities discovered in Exchange Server.

On March 2, the company issued a warning about active zero-day attacks by the state-sponsored Chinese threat group Hafnium. FireEye’s “Mandiant Managed Defense” team is also tracking attacks on US organizations that have exploited this vulnerability. At present, local government agencies, universities, and retailers are believed to have been affected.

CISA said, “Because CISA is aware of the widespread exploitation of these vulnerabilities in Japan and abroad, it is highly recommended that organizations run the Test-ProxyLogon.ps1 script as soon as possible to determine if their systems are at risk.”

CISA issued an emergency directive on the 3rd, urging government agencies and others to check for evidence of suspicious activity and apply the patches provided by Microsoft.



