Updated: Feb 4
Zero Day is actively being exploited in the wild on Exchange Servers! What exactly does that mean?!
Well, a Zero Day vulnerability was not previously known by the developer. The developer is in a race to identify a patch before malicious actors exploit that vulnerability exposing organizations to risk. Exploited in the wild is a phrase that will cause every IT and IT Security professional to have chills because that equates to attackers actively exploiting the vulnerability that no one was aware of except the attackers. This creates a true race between the developers and attackers for systems control.
Recently Microsoft published TWO patches for Zero Days being exploited in the wild of Exchange Servers. This only impacts those not using the cloud for their email since Exchange Servers are for on-premises email setups. This vulnerability does not impact those using a cloud environment like Microsoft 365.
The two recently published instances by Microsoft are extremely concerning because attackers could gain control of your on-premises email system remotely. From here, they can create additional code that can be remotely run, impacting users and other systems.
If you manage your own IT or have an IT shop, make sure they update your Microsoft Exchange 2013, 2016, and 2019 TODAY.
Contact us today if you need help.