Follow

CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft have posted a threat advisory (https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/) relating to multiple malicious actors actively exploiting several Microsoft Exchange Server vulnerabilities to gain unauthorised access.

Security Updates have been issued to address these vulnerabilities: https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2021-exchange-server-security-updates/ba-p/2175901. You should install these security updates as soon as possible to ensure that your systems are secured.

If you are unable to install the security updates, RedShield have a shield available that would provide partial mitigation by blocking malicious requests to paths known to be vulnerable to CVE-2021-26855. This shield is based on information published by Volexity https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/. Please contact support@redshield.co if you require this shield.

Microsoft have also issued some of their own partial mitigations that can be found at https://msrc-blog.microsoft.com/2021/03/05/microsoft-exchange-server-vulnerabilities-mitigations-march-2021/ 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments