New Zero-day Vulnerability Could Impact 97,000 Microsoft Exchange Servers
Stewart Moncrieff2024-02-21T13:07:36-05:00Tens of thousands of Microsoft Exchange servers worldwide could be vulnerable to a recently disclosed zero-day privilege escalation vulnerability that is already being actively exploited by threat actors. The vulnerability, tracked as CVE-2024-21410, allows a remote, unauthenticated attacker to relay a user's Windows NT LAN Manager (NTLM) credentials or "hashes" to impersonate legitimate users on [...]