Microsoft Exchange RCE Bug Exploit Released By Researchers

Security researcher Janggggg recently released a proof-of-concept exploit for the Exchange RCE bug (an actively exploited vulnerability affecting Microsoft Exchange Severs).

The bug, which is being tracked as CBE-2021-42321, will affect in-premises Exchange Servers 2016 and 2019, respectively. While Microsoft urged administrators to fix the bug immediately, Microsoft stated, “We are aware of limited targeted attacks in the wild using one of the vulnerabilities (CVE-2021-42321), which is a post-authentication vulnerability in Exchange 2016 and 2019. Our recommendation is to install these updates immediately to protect your environment.”

For those who want to patch their servers, they can do so by generating a quick inventory list of all Exchange servers that need to be updated with the latest version of the Exchange Server Health Checker script.

Those who want to check if their servers have been compromised by the bug should run PowerShell queries on any Exchange server.

For more information, read the original story in Bleeping Computer.

Microsoft Exchange RCE Bug Exploit Released By Researchers

Top Stories

Key U.S. data center law faces expiration with no replacement in sight

Starlink introduces $10 monthly hardware rental fee

Hackers used Meta’s AI support bot to hijack 20,000 Instagram accounts

Meta faces backlash after facial recognition code found in smart glasses app

Apple reportedly taps Google Gemini and Nvidia Blackwell Chips for new Siri

Researchers warn AI coding agents can be manipulated through hidden skill files

Related Articles

Reddit moderators say companies are using fake posts to influence AI search results

Starlink introduces $10 monthly hardware rental fee

German court rules Google liable for false statements in AI Overviews

Amazon sets record with C$14 billion Canadian bond sale

TND News Desk

TND News Desk

Jim Love