Important Information on the recent Microsoft Exchange Server Vulnerabilities

Over 30,000 organisations have been affected by the recent Microsoft Exchange Server vulnerability announced last week.

Over 30,000 organisations have been affected by the recent Microsoft Exchange Server vulnerability announced last week. Experts have learned that, after accessing the victim’s environment, criminals leave behind a web shell or back door, a hacking tool that can be used by the criminal to subsequently access the same environment. Critically, the criminal’s web shell remains even after the Exchange Server is patched with the latest Microsoft updates. Therefore, all Exchange Servers should be inspected for signs of unauthorised access and any web shells must be removed.

Here's what you need to do.

STEP ONE: Patch first!

All Exchange servers should be patched immediately to address the four identified vulnerabilities.


STEP TWO: Investigate whether you've been compromised

Review Microsoft’s advice and download the Microsoft Safety Scanner (a Microsoft-developed scan tool) on your Exchange Server to run a full scan. This tool will automatically delete any detected files and not quarantine them. Once the scan is complete, the tool will report the deleted files. When done using the scanner, uninstall the tool simply by deleting the msert.exe executable. Importantly, this tool is only used for spot scans and should NOT be relied upon as an antivirus program.

More News Stories

February 11, 2022
Prevention is better than cure: Extinctive Prescription and Contractual “Prescription” in Insurance

Prescription is a legal principle regulating the termination of a debt owed by the passage of time. Once the applicable prescription period is exceeded, the debt becomes unenforceable by a creditor, preventing action against debtors years down the line, once facts have been forgotten, and evidence is often sparse.

Read story
February 11, 2022
Return to Sender: How to Mitigate the Risk of Cyber Attacks

The current COVID-19 climate has resulted in an ever-changing environment that is providing less certainty as to what tomorrow will hold.

Read story
October 12, 2021
Camargue | Brit Announcement

Camargue Underwriting Managers (“Camargue”) announced that Brit Insurance Holdings Limited (“Brit”), the global specialty insurer and reinsurer, has acquired a further interest in Camargue, taking its ownership to 100% of the business.

Read story