Friday, November 22, 2024

Your Microsoft Exchange Server Is a Security Liability

When email spam was a burden that only big corporations could handle, the vast majority of people ran their own email servers. Luckily for everyone, today’s situation is less picky and more efficient with cloud-based solutions like Gmail and Outlook. The time has come, or is long overdue, for corporations to explore new ways of handling enterprise email. Yes, Microsoft Exchange might be a little pricey, but it’s worth it in the face of years’ worth of bugs making it nearly impossible to keep determined hackers out of your network.

The latest reminder of that struggle arrived earlier this week when Taiwanese security researcher Orange Tsai published a blog post laying out the details of a security vulnerability in Microsoft Exchange. Tsai warned Microsoft about this vulnerability as early as June of 2021, and while the company responded by releasing some partial fixes, it took Microsoft 14 months to fully resolve the underlying security problem. Tsai had earlier reported a related vulnerability in Exchange that was massively exploited by a group of Chinese state-sponsored hackers known as Hafnium, which last year penetrated more than 30,000 targets by some counts. Yet according to the timeline described in Tsai’s post this week, Microsoft repeatedly delayed fixing the newer variation of that same vulnerability, assuring Tsai no fewer than four times that it would patch the bug before pushing off a full patch for months longer. When Microsoft finally released a fix, Tsai wrote, it still required manual activation and lacked any documentation for four more months.

Microsoft has released a fix for the vulnerability that underlies the 2017 WannaCry attack on more than 300,000 computers worldwide — but researchers say it was too little, and took too long. Despite issuing security patches in the past month, they’ve continued to offer a bounty which doesn’t seem to be getting much attention. This is because patching Exchange is complicated and time-consuming, which means even when Microsoft releases them, not many take advantage of them.

More and more small business owners are choosing to get rid of their Exchange servers. It’s not just because they can, but because the headache of hacking has become too much. In fact, many are re-examining their use of email, and getting rid of it altogether in order to keep themselves and their business information secure.

You need to move off of on-premise Exchange forever. That’s the bottom line, says Dustin Childs, the head of threat awareness at a cybersecurity firm. Dustin says that when companies fail to stop receiving security updates for Exchange from Microsoft, that’s a sign they have truly moved off of these systems. For organizations using Exchange as a mission-critical component of their infrastructure, this is bad news because it leaves them open for attacks and vulnerabilities.

So far this year, we’ve seen one researcher publicly disclose 2 active vulnerabilities and countless others dumped by someone on the oss-sec mailing list. Others have also revealed that there are 20 unresolved vulnerabilities in the Exchange server. “Exchange right now has a very broad attack surface, and it just hasn’t had a lot of really comprehensive work done on it in years from a security perspective,” said Paul Childs.

For the first time, Microsoft has recognized a new main attack vector for its Exchange servers. This is looking to be a real problem for IT professionals in the long run as attackers continue to find ways to exploit vulnerabilities even after the patch is released. Security podcast Risky Business published an episode recently titled “It’s Exchangehog Day”, referencing that it was an unfortunate day for Exchange admins who don’t quite yet know when or what vulnerability will next turn into an attack vector.

When WIRED reached out to Microsoft for comment on its Exchange security issues, Aanchal Gupta, the corporate vice president of Microsoft Security Response Center (MSRC), responded with an exhaustive list of measures Redmond has taken to mitigate, patch, and harden on-premise Exchange servers. She noted that the company quickly released updates in response to Tsai’s findings before releasing a full fix in August. In contrast to this response, Gupta added that MSRC “worked around the clock” throughout last year’s Hafnium attacks and even launched an Exchange Emergency Mitigation service which helps customers automatically apply mitigations to block known attacks on Exchange servers even before a full patch is available.

Gupta said in an emailed statement that Microsoft continues to work with customers who need on-premise email servers, but at the same time agrees with a recent IDC report that says most customers should move to Microsoft’s cloud-based email service, Exchange Online. “We strongly recommend customers migrate to the cloud to take advantage of real-time security and instant updates to help keep their systems protected from the latest threats,” Gupta said. “Our work to support on-premises customers to move to a supported and up-to-date version continues, and we strongly advise customers who cannot keep these systems up-to-date continue moving to the cloud.”

If a business’s Exchange servers are experiencing issues, Trend Micro, a computer security company specializing in all aspects of IT security and intricate software like Microsoft Exchange, can help. As Kevin Beaumont recently demonstrated by live-tweeting his experience while attempting to update one of his own servers, even experienced IT professionals will run into problems because of the age of its code and the risks of breaking compatibility with interdependent mechanisms.

Another problem compounding on-premise Exchange’s security woes arises from the fact that vulnerabilities found in its software are often particularly easy to exploit. A lot of Exchange bugs aren’t any more common than, say, vulnerabilities in Microsoft’s Remote Desktop Protocol, says Marcus Hutchins, an analyst for security firm Kryptos Logic. But they’re far more reliable to use because, despite the fact that an Exchange server hosts email locally, it’s accessed through a web service. And passing commands through an online interface to a web server is much easier and simpler than malicious methods like so-called memory corruption vulnerabilities, which have to alter data in a lower-level and less predictable portion of a targeted machine. This leaves them vulnerable to small flaws or overzealous hacks that don’t require large amounts of power or skill. It’s all about being elegant with clean code.

Unmonitored email is at its best when it’s secure. When companies aren’t invested in keeping their email secure, they have a higher likelihood of receiving cyberattacks. In previous years, this was even more true as Microsoft continued to “downgrade” the production versions of its on-premise Exchange service. However, Microsoft’s recent product releases bring new security features that are harder for hackers to exploit, but these features only apply to on-premise Exchange, not the cloud-based 365 Exchange Online service.

Microsoft is trying to help customers transition away from their on-premise Exchange servers, but it seems the company has shifted its security resources. This can be seen in the fewer resources on the on-premise Exchange team and a slight inconsistency in Microsoft’s approach.

Williams acknowledges that some users may prefer or even require that their email be hosted locally rather than in the cloud for legal or privacy issues. But many enterprises that rely on the security of controlling their Exchange server themselves need to reckon with the fact they’re likely introducing more risks than they’re avoiding. “I get it, you want to run your Exchange server in-house for security reasons,” says Williams. “But you have to start evaluating this as a liability.”

“The proof is in the pudding,” says Williams. “The code base that’s not being supported isn’t the most up-to-date one either.” If Microsoft doesn’t support your Exchange server, it might not deserve your love anymore, either.
