New critical Exchange vulnerabilities: NSA alerts Microsoft and calls for urgent patches

The NSA recently warned Microsoft of new critical vulnerabilities affecting Exchange servers, a month after similar flaws were massively exploited. Microsoft has published patches in its latest “Patch Tuesday”, and it is essential to apply them without delay.

The flaws affect on-premise versions of Exchange Server 2013 (CU23), Exchange Server 2016 (CU19 and CU20), as well as Exchange Server 2019 (CU8 and CU9). Customers using Exchange cloud solutions are already protected and do not need to take any additional measures, says Microsoft. However, the publisher points out that no active exploitation of the new vulnerabilities has yet been observed.

In view of the recurring attacks targeting Exchange servers, particularly after the discovery of major vulnerabilities last month, Microsoft is urging all companies to apply these new patches immediately. Cyber hackers, including the Chinese group Hafnium, have already infiltrated systems to steal sensitive data, particularly in sectors such as defense, law firms and medical research in the USA.

Although already infected Exchange servers can be patched, backdoors left by the hackers may remain, threatening long-term security. The FBI has taken exceptional measures, remotely cleaning infected servers without notifying the companies concerned.

The National Security Agency (NSA) was also involved in the discovery of these new flaws, and alerted Microsoft as part of a “standard coordinated vulnerability disclosure procedure”. In a tweet, the NSA strongly recommended patching, pointing out that exploiting these vulnerabilities could give hackers permanent access and control over corporate networks.

In short, Exchange server security remains a priority. It is imperative that companies apply Microsoft patches to protect themselves against possible attacks and guarantee the integrity of their systems.

Source : ICTjournal