NSA and Microsoft Warn of New Exchange Leak

Four new vulnerabilities have been discovered in Microsoft Exchange. Patching as soon as possible is recommended.

The four vulnerabilities allow remote code execution on a device. Microsoft rates them from ‘high’ to ‘critical’. They apply to on-premises installations of Exchange 2013 to 2019. In principle, the cloud version of Exchange is patched automatically and immediately.

In contrast to the Exchange vulnerabilities that were discovered at the beginning of March, no exploits ‘in the wild’ have yet been identified, but there is a chance that this will happen in the long run.

The big difference from the vulnerabilities found at the beginning of March is that those were already being actively exploited by hacker groups when they were discovered, even before the patch appeared. Nevertheless, quick patching is still highly recommended to avoid abuse.

The problem was discovered by the US intelligence agency NSA and Microsoft itself. US intelligence agencies regularly check for vulnerabilities in popular software.

In the past, the NSA was criticized for this; for example, the NSA concealed specific vulnerabilities and the tools to abuse them so that it could hack and spy itself. But the NSA itself was also hacked in the past, so those tools and that knowledge fell into the hands of rogue hacker groups.

This means that by concealing the vulnerabilities, the NSA made companies even more vulnerable to cyber-attacks.
