Microsoft and the Cybersecurity and Infrastructure Security Agency issued a high-severity vulnerability alert concerning a flaw in on-premises Microsoft Exchange. This vulnerability compromises Active Directory and exposes Entra ID, affecting various federal enterprise parts. An emergency patching directive is expected. Microsoft aims to accelerate customer adoption of the latest Microsoft Exchange hybrid environments, temporarily blocking Exchange Web Services traffic to enhance security. The company previously addressed related security issues in April but found that many organizations had not updated their systems. Dirk-jan Mollema presented a detailed exploitation demo at the Black Hat conference.
The vulnerability allows hackers to deploy a series of techniques that enable compromise of on-premises versions of Active Directory, the Microsoft tool suite that centralizes the management of users, computers and other resources across an organization's network.
Microsoft plans to speed up its customers' adoption of the most up-to-date version of Microsoft Exchange hybrid environments, describing setups where an organization uses both cloud and local infrastructure.
CISA plans to issue an emergency patching directive to the federal enterprise on Thursday, emphasizing the urgency of addressing the high-severity vulnerability.
Mollema presented a long-form demo exploiting the flaw at the Black Hat conference, providing detailed insights into the security risks associated with the vulnerability.
Collection
[
|
...
]