Important Information on the recent Microsoft Exchange Server Vulnerabilities

Over 30,000 organisations have been affected by the recent Microsoft Exchange Server vulnerability announced last week.

Over 30,000 organisations have been affected by the recent Microsoft Exchange Server vulnerability announced last week. Experts have learned that, after accessing the victim’s environment, criminals leave behind a web shell or back door, a hacking tool that can be used by the criminal to subsequently access the same environment. Critically, the criminal’s web shell remains even after the Exchange Server is patched with the latest Microsoft updates. Therefore, all Exchange Servers should be inspected for signs of unauthorised access and any web shells must be removed.

Here's what you need to do.

STEP ONE: Patch first!

All Exchange servers should be patched immediately to address the four identified vulnerabilities.


STEP TWO: Investigate whether you've been compromised

Review Microsoft’s advice and download the Microsoft Safety Scanner (a Microsoft-developed scan tool) on your Exchange Server to run a full scan. This tool will automatically delete any detected files and not quarantine them. Once the scan is complete, the tool will report the deleted files. When done using the scanner, uninstall the tool simply by deleting the msert.exe executable. Importantly, this tool is only used for spot scans and should NOT be relied upon as an antivirus program.

More News Stories

May 20, 2021
The COVID-19 Pandemic: A Black Swan event & Claim trends

The revolutionary idea that defines the boundary between modern times and the past is our ability to understand and manage risk - it converted the unknown future from an enemy into an opportunity (Bernstein Against the Gods – The Remarkable Story of Risk).

Read story
May 20, 2021
The Sound of Silence: Navigating the Darkness of Silent Cyber

With the rise of cyber attacks and imminent implementation of the Protection of Personal Information Act (“POPIA”), it may seem that these days the most important business risk to insure against is cyber attacks.

Read story
May 19, 2021
Mobile devices and Cyber security: WhatsApp’s new policy shouldn’t be your only worry.

Just like many devices that are connected to the internet nowadays, mobile devices present a high risk of being negatively impacted by cyber threats.

Read story