On February 11 2020, Microsoft released a patch for Exchange Servers that would fix a vulnerability pertaining to unauthorized access to the backend of the Exchange Control Panel. There is now confirmation from a source at the United States Department of Defense that multiple nation-state backed actors and other ransomware gangs are actively and maliciously exploiting this vulnerability on unpatched systems. The vulnerability results from the Exchange Server failing to properly create unique cryptographic keys at the time of installation. The hackers’ sophisticated exploits circumvent encryption, granting them full access of the server.
It is imperative that the latest patches from February 11th be applied as even a single Exchange instance puts you at risk.Read More