Trusted by more than 2500 companies with over 5 million users
13 02, 2024

CVE-2024-21410 Microsoft Exchange Server Elevation of Privilege Vulnerability

2025-06-05T09:47:26-04:00

CVE-2024-21410 is a critical vulnerability in Microsoft Exchange Server, presenting an elevation of privilege. It has a CVSS score of 9.8. This vulnerability enables attackers to execute authentication relay attacks by misusing the Net-NTLMv2 protocol. Vendor: Microsoft Product: Microsoft Exchange Server Vulnerability Type: Elevation of Privilege Base CVSS Score: 9.8 (Critical) Follow this link for [...]

CVE-2024-21410 Microsoft Exchange Server Elevation of Privilege Vulnerability2025-06-05T09:47:26-04:00
6 02, 2024

Russian Hackers Breach Microsoft, Stealing Sensitive Emails

2024-02-21T12:54:27-05:00

On January 19th, Microsoft disclosed that a group of Russian state-sponsored hackers, known as Nobelium or Midnight Blizzard, infiltrated its corporate systems and accessed sensitive emails from members of its leadership team. New details have now emerged explaining how the attackers gained entry and what they were after. The initial breach occurred in late November [...]

Russian Hackers Breach Microsoft, Stealing Sensitive Emails2024-02-21T12:54:27-05:00
26 01, 2024

Ransomware Set to Surge as AI Powers Cybercriminals

2024-01-26T10:11:56-05:00

The global ransomware scourge is poised to worsen over the next two years, fueled by artificial intelligence that makes cyber attacks more effective, according to a new report from Britain's cybersecurity chiefs. The National Cyber Security Centre, part of the UK's top signals intelligence agency GCHQ, warns that AI will enable even novice hackers to [...]

Ransomware Set to Surge as AI Powers Cybercriminals2024-01-26T10:11:56-05:00
11 01, 2024

Protecting Exchange Server from Zero-day Attacks

2025-03-21T09:03:14-04:00

Zero-day attacks represent one of the most significant threats to Microsoft Exchange Servers. This post aims to provide Exchange administrators and security professionals with strategies to prepare for and defend against these unpredictable threats. Microsoft Exchange Server, being a critical component in enterprise communication infrastructure, is a primary target for hackers. Through-out 2023 and into [...]

Protecting Exchange Server from Zero-day Attacks2025-03-21T09:03:14-04:00
11 01, 2024

Microsoft January 2024 Patch Tuesday: Another Quiet Patch Tuesday for Exchange Server

2024-01-11T13:59:28-05:00

Microsoft kicks off 2024 with a uneventful Patch Tuesday, maintaining the trend from December by not releasing any patches for Exchange Server 2019. Exchange Server 2019: CU14 Delayed to Jan 2024 There are still two more CUs for Exchange Server 2019: CU14 and CU15.  CU14 is in its final stages of testing and validation and will be [...]

Microsoft January 2024 Patch Tuesday: Another Quiet Patch Tuesday for Exchange Server2024-01-11T13:59:28-05:00
9 01, 2024

High Volume Attacks – Microsoft Exchange Server Security

2024-01-09T06:23:13-05:00

Video summary: This video discusses high volume logon attacks (HVA) against Microsoft Exchange servers and Messageware Exchange Protocol Guard’s role in countering these attacks. https://www.youtube.com/watch?v=9blVda_IJIM Cybersecurity threats are becoming more sophisticated and relentless, especially for critical infrastructure like email servers. One such threat to be aware of is the high-volume logon attack (HVA), which targets [...]

High Volume Attacks – Microsoft Exchange Server Security2024-01-09T06:23:13-05:00
20 12, 2023

Microsoft Exchange – Messageware Q4 2023 Newsletter

2023-12-20T12:52:05-05:00

It’s mid-December and there is lots of good news heading into the end of 2023.Microsoft is not releasing any December Exchange Server CUs or SUs, a welcome break for those with vacations scheduled!We are officially launching our new security product, “Z-Day Guard for Exchange Servers”.It’s simple to install, easy to use, and extremely powerful, giving [...]

Microsoft Exchange – Messageware Q4 2023 Newsletter2023-12-20T12:52:05-05:00
13 12, 2023

Microsoft December 2023 Patch Tuesday: Exchange Server Admins get a break

2023-12-13T10:19:30-05:00

Exchange Server admins can take a break to enjoy the upcoming holidays! There are no security updates (SUs) for Exchange Server 2019 and 2016 this month. Exchange Server 2019: CU14 Delayed to Jan 2024 Microsoft released a blog to clarify the status of cumulative updates for the on-premises email platform. Administrators expecting the release of [...]

Microsoft December 2023 Patch Tuesday: Exchange Server Admins get a break2023-12-13T10:19:30-05:00
11 12, 2023

Messageware Announces the Launch of Z-Day Guard for Exchange Server: A Revolutionary Security Solution for Microsoft Exchange Servers

2023-12-11T10:48:47-05:00

TORONTO - Dec. 11, 2023 - Messageware Incorporated, a leader in cybersecurity solutions, today announced the launch of Z-Day Guard for Microsoft Exchange Server (Z-Day), a cutting-edge security product designed specifically for Microsoft Exchange Servers. Z-Day represents a significant advancement in protecting against zero-day attacks and unauthorized server access. Z-Day employs innovative File and Virtual Directory Integrity Monitoring to [...]

Messageware Announces the Launch of Z-Day Guard for Exchange Server: A Revolutionary Security Solution for Microsoft Exchange Servers2023-12-11T10:48:47-05:00
5 12, 2023

Over 20,000 Vulnerable Microsoft Exchange Servers Exposed to Attacks

2023-12-06T10:00:09-05:00

According to recent scans by The ShadowServer Foundation and security researcher Yutaka Sejiyama, over 20,000 Microsoft Exchange servers are running outdated and unsupported software. These servers are vulnerable to multiple critical remote code execution vulnerabilities. Thousands of Exchange Server 2007, 2010, and 2013 Instances Discovered The scans uncovered over 20,000 end-of-life Microsoft Exchange servers reachable [...]

Over 20,000 Vulnerable Microsoft Exchange Servers Exposed to Attacks2023-12-06T10:00:09-05:00
30 11, 2023

Exchange Server Security: Why MFA/2FA Is Not Enough

2024-05-23T07:22:12-04:00

Gaps in Multi-Factor Authentication (MFA) In this article, we will explore some of the drawbacks of MFA/2FA as a user security tool. Multi-Factor Authentication (MFA), also known as 2-Factor Authentication (2FA), has become an essential tool for protecting user accounts. It has become so ubiquitous, Microsoft has recently started enforcing it on all tenants by [...]

Exchange Server Security: Why MFA/2FA Is Not Enough2024-05-23T07:22:12-04:00
29 11, 2023

Exchange Server 2019: CU14 Delayed to Jan 2024

2023-12-13T08:00:35-05:00

Last year, Microsoft announced a new servicing model for Exchange Server, with two Cumulative Updates (CUs) per year. However, Microsoft won't be releasing a second CU for 2023. There are two more CUs on the horizon for Exchange Server 2019: CU14 (H1 2024) and CU15 (H2 2024). The release date for CU14 has shifted to [...]

Exchange Server 2019: CU14 Delayed to Jan 20242023-12-13T08:00:35-05:00
28 11, 2023

Why Windows cached credentials cause AD lockouts

2025-02-18T09:47:20-05:00

What are Windows cached credentials? The purpose of Windows cached credentials is to enable users to log into their accounts and access network resources even when the authentication server is unavailable, such as during offline use, while also improving login performance by reducing the need for frequent server authentications. Cached credentials are stored locally on [...]

Why Windows cached credentials cause AD lockouts2025-02-18T09:47:20-05:00
23 11, 2023

Understanding Microsoft’s Exchange Server Servicing Model

2023-11-27T11:14:24-05:00

Microsoft's Shift in Servicing Cadence In a move that reflects a commitment to both innovation and stability, Microsoft announced last year a change in its servicing model for Exchange Server. This strategic shift saw the company adopt a twice-yearly release schedule for Cumulative Updates (CUs), targeting the first and second halves of each calendar year. [...]

Understanding Microsoft’s Exchange Server Servicing Model2023-11-27T11:14:24-05:00
14 11, 2023

Microsoft November 2023 Patch Tuesday: Exchange Server Security Updates

2024-02-13T13:43:34-05:00

Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2019 Exchange Server 2016 SUs are available for the following specific versions of Exchange Server: Exchange Server 2019 CU12 and CU13 Exchange Server 2016 CU23 The November 2023 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. These vulnerabilities affect [...]

Microsoft November 2023 Patch Tuesday: Exchange Server Security Updates2024-02-13T13:43:34-05:00
14 11, 2023

Emerging Microsoft Exchange Zero-Day Vulnerabilities

2024-01-30T06:52:45-05:00

Microsoft Exchange is currently under threat due to four newly discovered zero-day vulnerabilities, which attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations. These vulnerabilities were disclosed by Trend Micro's Zero Day Initiative (ZDI) on September 7th and 8th, 2023. Despite their potential threat, Microsoft has chosen to delay [...]

Emerging Microsoft Exchange Zero-Day Vulnerabilities2024-01-30T06:52:45-05:00
24 10, 2023

Exchange Protocol Guard – Software Release – EPG 3.7.6

2023-11-15T07:28:29-05:00

Software Release – EPG 3.7.6 Toronto, Canada – October 24th, 2023: Messageware Incorporated, the leader in Microsoft Exchange security and productivity tools, announced a major update of their flagship product Messageware Exchange Protocol Guard (EPG). The following updates are now available for customers and trial users: Messageware EPG 2019 v3.7.6 Messageware EPG 2016 v3.7.6 Messageware EPG [...]

Exchange Protocol Guard – Software Release – EPG 3.7.62023-11-15T07:28:29-05:00
18 10, 2023

October 2023: Changes to Exchange Online

2023-10-18T18:08:53-04:00

October has been a busy month of changes for Exchange Online users. This article summarizes recent updates and announcements from Microsoft on the Exchange Team Blog. 1) Farewell to Remote PowerShell in Exchange Online Earlier this year, Microsoft officially depreciated the Remote PowerShell Protocol (RPS) in Exchange Online. This month, RPS is no longer available [...]

October 2023: Changes to Exchange Online2023-10-18T18:08:53-04:00
12 10, 2023

Microsoft October 2023 Patch Tuesday: Exchange Server Security Updates

2023-11-17T10:50:55-05:00

Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2019 Exchange Server 2016 SUs are available for the following specific versions of Exchange Server: Exchange Server 2019 CU12 and CU13 Exchange Server 2016 CU23 The October 2023 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Although we are [...]

Microsoft October 2023 Patch Tuesday: Exchange Server Security Updates2023-11-17T10:50:55-05:00
10 10, 2023

Why Exchange Servers cause Active Directory User Lockouts and how to Prevent Them

2025-04-22T08:45:04-04:00

Article Summary: This article examines the common Exchange Server attacks that result in Active Directory lockouts and effective techniques to prevent Active Directory user accounts lockouts. By deploying intelligent threat detection, enforcing strong password policies, enabling multi-factor authentication, and monitoring signs of compromise, companies can thwart attackers’ efforts to access mailboxes and maintain business continuity. [...]

Why Exchange Servers cause Active Directory User Lockouts and how to Prevent Them2025-04-22T08:45:04-04:00