If you're a Windows administrator, you might want to hold off on installing the latest March 2024 Windows Server updates. Widespread reports have surfaced of domain controllers crashing and restarting after applying these updates, causing headaches for IT professionals and disruptions for businesses. The Culprit: LSASS Memory Leak The root of the problem appears to [...]
Description of Security Update 5 for Exchange Server 2019: March 12, 2024 (KB5036402) The March 2024 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Although we are not aware of any active exploits in the wild, our recommendation is to immediately install these updates to protect your [...]
Tens of thousands of Microsoft Exchange servers worldwide could be vulnerable to a recently disclosed zero-day privilege escalation vulnerability that is already being actively exploited by threat actors. The vulnerability, tracked as CVE-2024-21410, allows a remote, unauthenticated attacker to relay a user's Windows NT LAN Manager (NTLM) credentials or "hashes" to impersonate legitimate users on [...]
2024 H1 Cumulative Update for Exchange Server Microsoft announced the availability of the 2024 H1 Cumulative Update (CU) for Exchange Server 2019 (aka CU14). CU14 includes fixes for customer reported issues, a security change, and all previously released Security Updates (SUs). FEATURED PRODUCT Z-Day Guard for Servers Next generation threat hunting for zero-day attacks on [...]
Feb 13, 2024, users connecting to Exchange Online with the latest version of Outlook Desktop are being impacted, as reported today by Petri and Windows Report news sites. The issue has been occurring since early February and is under investigation by Microsoft. The ActiveSync issues are specific to those with 365 Exchange Online, and those [...]
CVE-2024-21410 is a critical security vulnerability in Microsoft Exchange Server with a CVSS severity score of 9.8. The vulnerability allows attackers to perform privilege escalation attacks by exploiting NTLM credential leaking in clients like Outlook. Key Details Attack Method: An attacker targets NTLM clients (like Outlook) to leak credentials, which can then be relayed against [...]
On January 19th, Microsoft disclosed that a group of Russian state-sponsored hackers, known as Nobelium or Midnight Blizzard, infiltrated its corporate systems and accessed sensitive emails from members of its leadership team. New details have now emerged explaining how the attackers gained entry and what they were after. The initial breach occurred in late November [...]
The global ransomware scourge is poised to worsen over the next two years, fueled by artificial intelligence that makes cyber attacks more effective, according to a new report from Britain's cybersecurity chiefs. The National Cyber Security Centre, part of the UK's top signals intelligence agency GCHQ, warns that AI will enable even novice hackers to [...]
Zero-day attacks represent one of the most significant threats to Microsoft Exchange Servers. This post aims to provide Exchange administrators and security professionals with strategies to prepare for and defend against these unpredictable threats. Microsoft Exchange Server, being a critical component in enterprise communication infrastructure, is a primary target for hackers. Through-out 2023 and into [...]
Microsoft kicks off 2024 with a uneventful Patch Tuesday, maintaining the trend from December by not releasing any patches for Exchange Server 2019. Exchange Server 2019: CU14 Delayed to Jan 2024 There are still two more CUs for Exchange Server 2019: CU14 and CU15. CU14 is in its final stages of testing and validation and will be [...]
Video summary: This video discusses high volume logon attacks (HVA) against Microsoft Exchange servers and Messageware Exchange Protocol Guard’s role in countering these attacks. https://www.youtube.com/watch?v=9blVda_IJIM Cybersecurity threats are becoming more sophisticated and relentless, especially for critical infrastructure like email servers. One such threat to be aware of is the high-volume logon attack (HVA), which targets [...]
It’s mid-December and there is lots of good news heading into the end of 2023.Microsoft is not releasing any December Exchange Server CUs or SUs, a welcome break for those with vacations scheduled!We are officially launching our new security product, “Z-Day Guard for Exchange Servers”.It’s simple to install, easy to use, and extremely powerful, giving [...]
Exchange Server admins can take a break to enjoy the upcoming holidays! There are no security updates (SUs) for Exchange Server 2019 and 2016 this month. Exchange Server 2019: CU14 Delayed to Jan 2024 Microsoft released a blog to clarify the status of cumulative updates for the on-premises email platform. Administrators expecting the release of [...]
TORONTO - Dec. 11, 2023 - Messageware Incorporated, a leader in cybersecurity solutions, today announced the launch of Z-Day Guard for Microsoft Exchange Server (Z-Day), a cutting-edge security product designed specifically for Microsoft Exchange Servers. Z-Day represents a significant advancement in protecting against zero-day attacks and unauthorized server access. Z-Day employs innovative File and Virtual Directory Integrity Monitoring to [...]
According to recent scans by The ShadowServer Foundation and security researcher Yutaka Sejiyama, over 20,000 Microsoft Exchange servers are running outdated and unsupported software. These servers are vulnerable to multiple critical remote code execution vulnerabilities. Thousands of Exchange Server 2007, 2010, and 2013 Instances Discovered The scans uncovered over 20,000 end-of-life Microsoft Exchange servers reachable [...]
Gaps in Multi-Factor Authentication (MFA) In this article, we will explore some of the drawbacks of MFA/2FA as a user security tool. Multi-Factor Authentication (MFA), also known as 2-Factor Authentication (2FA), has become an essential tool for protecting user accounts. It has become so ubiquitous, Microsoft has recently started enforcing it on all tenants by [...]
Last year, Microsoft announced a new servicing model for Exchange Server, with two Cumulative Updates (CUs) per year. However, Microsoft won't be releasing a second CU for 2023. There are two more CUs on the horizon for Exchange Server 2019: CU14 (H1 2024) and CU15 (H2 2024). The release date for CU14 has shifted to [...]
What are Windows cached credentials? The purpose of Windows cached credentials is to enable users to log into their accounts and access network resources even when the authentication server is unavailable, such as during offline use, while also improving login performance by reducing the need for frequent server authentications. Cached credentials are stored locally on [...]
Microsoft's Shift in Servicing Cadence In a move that reflects a commitment to both innovation and stability, Microsoft announced last year a change in its servicing model for Exchange Server. This strategic shift saw the company adopt a twice-yearly release schedule for Cumulative Updates (CUs), targeting the first and second halves of each calendar year. [...]
Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2019 Exchange Server 2016 SUs are available for the following specific versions of Exchange Server: Exchange Server 2019 CU12 and CU13 Exchange Server 2016 CU23 The November 2023 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. These vulnerabilities affect [...]
