New Patches Fix Zero Day Issue Affecting Microsoft exchange server and Excel.
Microsoft’s monthly patch update fixed over 55 vulnerabilities across Windows, Azure, Visual Studio, Windows Hyper-V, and Office. The most important of these patches was a zero day issue with the Microsoft Exchange server which affected Microsoft Excel 2013-2021.
“This evolved into exploits of Exchange server vulnerabilities by DearCry Ransomware — including attacks on infectious disease researchers, law firms, universities, defense contractors, policy think tanks and NGOs. Instances such as these further underscore that Microsoft Exchange servers are high-value targets for hackers looking to penetrate critical networks,” said Bharat Jogi, director of vulnerability and threat research at Qualys.
With so many different kinds of sectors being targeted it is important to be aware of this vulnerability.
What can you do?
Britec and Microsoft Recommend that you keep your systems up to date with the most current patches.
Currently Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates.
To learn more about the patch update checkout Microsoft’s original release notes.