The latest Microsoft Exchange Server zero-day vulnerability has a significant impact on the global infrastructure, prompting security experts to urge immediate software updates to mitigate the threat.
The security research organization, The Shadowserver Foundation, issued a warning about the latest Microsoft Exchange Server zero-day vulnerability directly affecting server versions 9.7 and above, urging users to promptly update their software.
According to Shadowserver, the CVE-2024-21410 vulnerability has a significant impact, with 6.8 percent of servers being directly affected and the remaining vulnerable to potential exploitation. The vulnerability, categorized as an elevation of privilege flaw, poses the risk of pass-the-hash attacks, which could lead to unauthorized access and execution of malicious code.
Microsoft has released a security update on May 13, addressing a total of 72 vulnerabilities, including the Exchange Server flaw specified by Shadowserver. Users are advised to update to Exchange Server 2019 cumulative update 14 (CU14) to protect against the vulnerability. The Cybersecurity and Infrastructure Security Agency (CISA) has listed the vulnerability as a known exploited threat.
The true perpetrators and motives behind the attacks are yet to be determined, and security experts emphasize the importance of proactive measures, including security updates and patches. Brian Contons, the Chief Security Officer at Sevco Security, highlighted the critical role of regularly updating server patches in maintaining cybersecurity integrity.
The exact extent of affected Exchange Server installations remains to be determined, and security experts continue to monitor the situation closely to assess and address any potential risks.