Metacurity

Share this post

Microsoft, Feds Urge Admins to Implement Patches, Including Four for More Exchange Flaws Discovered by NSA

metacurity.substack.com

Microsoft, Feds Urge Admins to Implement Patches, Including Four for More Exchange Flaws Discovered by NSA

FBI accessed hundreds of computers to remove Exchange web shells, Firm that unlocked San Bernardino shooter's iPhone for the FBI is now revealed, Sweden accuses Russia of hacking sports org, much more

Cynthia Brumfield
Apr 14, 2021
∙ Paid
1
Share
Share this post

Microsoft, Feds Urge Admins to Implement Patches, Including Four for More Exchange Flaws Discovered by NSA

metacurity.substack.com

Don’t miss out on the breaking news throughout the day. Follow Metacurity on Twitter to stay up-to-speed.

Follow Us on Twitter

Microsoft released security updates to plug at least 110 security holes in Windows and other products, including fixes for Microsoft Exchange Server, which has been beset by zero-day bugs in the email software. Also patched was a vulnerability in Windows (CVE-2021-28310) which has been exploited in active attacks already. The flaw allows an attacker to elevate their privileges on a target system. Nineteen of the patched bugs earned the most serious “Critical” label.

The updates further fix four more flaws in Exchange Server versions 2013-2019 (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483) discovered by the National Security Agency, although Microsoft said it found two of the bugs internally. Both Microsoft and DHS’s Cybersecurity and Infrastructure Security Agency are urging admins to apply the patches as soon as possible to mitigate the newly discovered flaws.

Se…

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing