Important Information on the recent Microsoft Exchange Server Vulnerabilities

Over 30,000 organisations have been affected by the recent Microsoft Exchange Server vulnerability announced last week.

Over 30,000 organisations have been affected by the recent Microsoft Exchange Server vulnerability announced last week. Experts have learned that, after accessing the victim’s environment, criminals leave behind a web shell or back door, a hacking tool that can be used by the criminal to subsequently access the same environment. Critically, the criminal’s web shell remains even after the Exchange Server is patched with the latest Microsoft updates. Therefore, all Exchange Servers should be inspected for signs of unauthorised access and any web shells must be removed.

Here's what you need to do.

STEP ONE: Patch first!

All Exchange servers should be patched immediately to address the four identified vulnerabilities.


STEP TWO: Investigate whether you've been compromised

Review Microsoft’s advice and download the Microsoft Safety Scanner (a Microsoft-developed scan tool) on your Exchange Server to run a full scan. This tool will automatically delete any detected files and not quarantine them. Once the scan is complete, the tool will report the deleted files. When done using the scanner, uninstall the tool simply by deleting the msert.exe executable. Importantly, this tool is only used for spot scans and should NOT be relied upon as an antivirus program.

More News Stories

December 22, 2020
Cyber Crime: Ensuring Your Clients are Appropriately Covered

As technology becomes one of the primary means for people to do business, connect with each other, do their shopping and sometimes even host a wedding, the prevalence of criminal attacks perpetrated by way of a computer is certainly on the rise.

Read story
December 17, 2020
Business interruption insurance cover hinges on policy wordings

Despite early court rulings in favour of policyholders, some businesses with COVID-19-related losses will not have business interruption cover

Read story
December 7, 2020
Mozambique spotlight: what you need to know and what precautions to take

On 9 November 2020, Islamist militants beheaded at least 50 civilians in a string of attacks on villages in northern Mozambique.

Read story