Microsoft Patches Actively Exploited Excel And Exchange Server 0Day Exploits
Company Issues Much Needed Patches for Known Vulnerabilities

Microsoft has released security patches this month as part of Patch Tuesday release cycle to address 55 vulnerabilities across Windows, Azure, Visual Studio, Windows Hyper-V, and Office, including fixes for two actively exploited zero-day bugs in Excel and Exchange Server that could be abused to take control of an affected system.

Of the 55 glitches, six are rated Critical and 49 are rated as Important in severity, with four others listed as publicly known at the time of release. 

"Earlier this year, Microsoft alerted that APT Group HAFNIUM was exploiting four zero-day vulnerabilities in the Microsoft Exchange server," said Bharat Jogi, director of vulnerability and threat research at Qualys.
"This evolved into exploits of Exchange server vulnerabilities by DearCry Ransomware — including attacks on infectious disease researchers, law firms, universities, defense contractors, policy think tanks and NGOs. Instances such as these further underscore that Microsoft Exchange servers are high-value targets for hackers looking to penetrate critical networks," Jogi added.
Microsoft Patches Actively Exploited Excel And Exchange Server 0Day Exploits
JD Berkowitz 11 November, 2021
Share this post
Tags
Archive
Sign in to leave a comment
Twitter Drops the Crop! Now See the Whole Picture in your Timeline
Twitter now shows you the full picture when you post to your timeline.