02 Oct Beware this Exchange Server vulnerability

An old exploit still threatens users

Exploits are a fundamental weakness to services and systems. Unfortunately, when unpatched, they can cause serious harm and downtime. One such vulnerability is still present in Microsoft Exchange servers, specifically the CVE-2020-0688. The CVE-2020-0688 RCE exploit results when servers fail to create unique installation keys.

Hackers have routinely scanned for this vulnerability. Unfortunately, at least 61% of services using Exchange still have it. This translates to “authenticated” users bypassing normal security means. From there, a user can execute code and take control of a server, using SYSTEM privileges. 

If you’re using a Microsoft Exchange service for your business, this may raise concerns.

Resolving the issue

There is, fortunately, a patch to remove the zero-day exploit. It was introduced far back in February 2020, but has not been fully implemented by those with the vulnerability. Primarily, this is because of some not being aware of the exploit existing. 

In fact, the mainline problem is that many of these server versions haven’t been updated since there 2010 versions, or in at least six years. This accounts for at least 54,000 versions.

Resolving the problem is a matter of updating and applying the released patch.

Zero Day provides a useful breakdown here: Applying the patch

If you’d like additional assistance or information, you can contact Bytagig for support today.