Attackers Weaponizing Exchange Vulnerability
Microsoft announced that the Exchange vulnerability covered under CVE-2020-0688 is currently being weaponized in the wild.
Attackers Target Vulnerable Exchange Servers
Microsoft is warning its customers that attackers are increasingly targeting unpatched Exchange servers, with a massive increase in activity since April.
In February, Microsoft issued a patch for a vulnerability tracked as CVE-2020-0688, which could allow attackers to perform remote code execution and take over an infected device. This flaw affects versions of Microsoft Exchange Server dating back to 2010.
CVE-2020-0688 Targeted with Exploits
Microsoft announced the vulnerability covered under CVE-2020-0688 and patched using KB4536988 update has been found to be weaponized in the wild.
When this was released in February, it was not allocated a CVSS score immediately. However, it has now been allocated a score of 8.8 making it extremely important to install.
Tuearis Cyber stays ahead of threats like these on behalf of our clients. Utilizing advanced Threat and Vulnerability Management tools we are able to both recognize unpatched vulnerabilities and patch them. Robert Brown, Director of Services at Syxsense (one of the TVM tools Tuearis deploys) says, “If possible, try to take a multi factored approach when choosing the patches to deploy each month. Simply relying on the vendor severity or the CVSS score alone is simply not enough.”
Since February, many IT organizations have failed to install this update which perhaps is the reason why this vulnerability has been used to expose the Exchange infrastructure in recent sophisticated attacks.
Contact Tuearis today if you are ready to get ahead of attackers and REST SECURED.