Microsoft Exchange Server Remote Code Execution Vulnerability
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft exchange server 2016 |
||
microsoft exchange server 2019 |
Get our weekly newsletter Light load has infosec bods wondering what awaits next month
Patch Tuesday As the US season of giving thanks and turkey carnage approaches, let us reflect upon Microsoft's November Patch Tuesday, which has bestowed 55 CVEs and the promise of continued employment for the IT admins who have to clean up the recurring mess of software. Only six of the vulnerabilities are considered "Critical," the rest are just "Important." Affected applications include: 3D Viewer, Azure (including RTOS and Sphere), Dynamics, Edge, Exchange Server, Office, Power BI, Role: Win...
Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Increase in espionage and cyberattacks since law requiring vulnerabilities first be reported to Beijing
Microsoft has asserted that China's offensive cyber capabilities have improved, thanks to a law that has allowed Beijing to create an arsenal of unreported software vulnerabilities. China's 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity. The rules mean Beijing can use local research to hoard vulnerability information. A year later, researchers from the Atlantic Council found there was a decrease in reported vulne...