Trusted by more than 2500 companies with over 5 million users

Microsoft January 2023 Patch Tuesday: Exchange Server Security Updates

Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 The updates address the following vulnerabilities: CVE-2023-21745: Spoofing Vulnerability CVE-2023-21761: Information Disclosure Vulnerability CVE-2023-21762: Spoofing Vulnerability CVE-2023-21763: Elevation of Privilege Vulnerability CVE-2023-21764: Elevation of Privilege Vulnerability Official announcement can be found here. SUs are available for [...]

Microsoft January 2023 Patch Tuesday: Exchange Server Security Updates2023-01-13T10:27:53-05:00

Ransomware Group Targets Microsoft Exchange Server with New Exploit OWASSRF

Threat actors affiliated with the Play ransomware strain are leveraging a never-before-seen exploit method that bypasses Microsoft’s ProxyNotShell URL rewrite mitigation. A New Exploit Chain CrowdStrike researchers have discovered a new exploit method they have named OWASSRF, or Outlook Web Access Server-Side Request Forgery. The novel exploit affects Exchange Server 2013, 2016 and 2019 by leveraging CVE-2022-41080 [...]

Ransomware Group Targets Microsoft Exchange Server with New Exploit OWASSRF2022-12-27T07:28:49-05:00

Microsoft Exchange ProxyNotShell Vulnerability Explained and How to Mitigate It

ProxyShell and ProxyLogon are two high severity exploits against Microsoft Exchange Servers discovered in 2021. Both vulnerabilities enable threat actors to perform remote code execution on vulnerable systems. A year later, another easily exploitable vulnerability named ProxyNotShell is threatening unpatched Exchange Servers. Here's a great article we recommend you read: Microsoft Exchange ProxyNotShell vulnerability explained [...]

Microsoft Exchange ProxyNotShell Vulnerability Explained and How to Mitigate It2022-12-19T07:41:19-05:00

ProxyNotShell Proof-of-Concept Published Online

Security researchers confirm Proof-of-Concept (PoC) works against unpatched versions of Microsoft Exchange Server 2013, 2016 and 2019 In early August, researchers discovered cyberattacks against critical infrastructure using two unpublished Exchange Server security vulnerabilities. Microsoft’s Security Research Center (MSRC) stated: “The first exploit identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, and the second one, identified as CVE-2022-41082, allows [...]

ProxyNotShell Proof-of-Concept Published Online2022-12-16T10:05:26-05:00

Microsoft Exchange – Messageware Q4 2022 Newsletter

The last few months have been busy. Lets look at the happenings and news from the Exchange Server Community: MEC Technical Airlift We hope you attended the Microsoft Exchange Conference ( MEC Technical Airlift ) and had an opportunity to engage with the community and listen to the keynote with Rajesh, Perry, and Jared. In [...]

Microsoft Exchange – Messageware Q4 2022 Newsletter2022-11-21T10:18:35-05:00

Microsoft November 2022 Patch Tuesday: Exchange Server Security Updates

Microsoft has released security updates for two zero-day vulnerabilities: CVE-2022-41040, a server-side request forgery vulnerability, and CVE-2022-41082, which allows remote code execution. Collectively known as ProxyNotShell, the Exchange Server vulnerabilities have led to a spate of attacks linked to nation-state threat actors since late September. The SUs address vulnerabilities responsibly reported to Microsoft by security [...]

Microsoft November 2022 Patch Tuesday: Exchange Server Security Updates2022-11-11T05:53:35-05:00

On-Premise Chosen over Microsoft 365 due to Server Privacy Concerns

In an ongoing battle that started in 2018 with the EU, several state courts, including the federal German court, found that Microsoft 365 was not compliant with GDPR laws. The ban mostly affects educational institutions and companies that use Microsoft’s 365 product line. The ban comes after Microsoft ended its special arrangements with German users. An [...]

On-Premise Chosen over Microsoft 365 due to Server Privacy Concerns2023-09-13T11:04:20-04:00

Microsoft October 2022 Patch Tuesday: Exchange Server Security Updates

The SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Our recommendation is to immediately install these updates to protect your environment. NOTE   The October 2022 SUs do not contain fixes for the zero-day vulnerabilities reported publicly on September 29, 2022 (CVE-2022-41040 and CVE-2022-41082). Please see this blog post to apply mitigations for those [...]

Microsoft October 2022 Patch Tuesday: Exchange Server Security Updates2023-11-17T10:54:00-05:00

Alert: New Zero-Day Vulnerability Targets Microsoft On-Premise and Hybrid Cloud Exchange Servers

Summary: In early August, researchers from the cybersecurity vendor GTSC discovered cyberattacks against critical infrastructure using two unpublished Exchange Server security vulnerabilities. Microsoft’s Security Research Center (MSRC) stated: “The first exploit identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, and the second one, identified as CVE-2022-41082, allows Remote Code Execution (RCE) when PowerShell [...]

Alert: New Zero-Day Vulnerability Targets Microsoft On-Premise and Hybrid Cloud Exchange Servers2022-12-16T10:12:07-05:00

Exchange Online Servers Hacked Using Malicious OAuth Applications

Microsoft’s 365 Defender Research Team recently investigated an attack in which malicious OAuth applications were deployed on compromised cloud tenants. Initial Access The attacker first needed to compromise a cloud user’s account that had sufficient permissions in order to create a malicious OAuth application. The threat actor did this by launching credential-stuffing attacks against high-risk [...]

Exchange Online Servers Hacked Using Malicious OAuth Applications2022-12-16T10:13:14-05:00

CISA Publishes Mitigation Techniques Against Exchange Server Attacks

In response to the recent targeting of critical infrastructure in the US and abroad, the Cybersecurity and Infrastructure Security Agency (CISA) urges network and security administrators to prepare and immediately mitigate potential cyber threats with the following measures. Implement and apply backup and recovery policies and procedures: Maintain offline backups of data Regularly test backup and restoration Ensure [...]

CISA Publishes Mitigation Techniques Against Exchange Server Attacks2023-09-13T10:31:00-04:00

Nemesis Kitten targets Exchange Server for Attacks

Microsoft Security Threat Intelligence has been tracking multiple ransomware campaigns by a group known as DEV-0270 who also goes by the alias Nemesis Kitten. Who is DEV-0270? DEV-0270, a sub-group of the Iranian threat actor known as PHOSPHORUS, are known for leveraging newly disclosed vulnerabilities against their targets. If successful, the group contacts the victim [...]

Nemesis Kitten targets Exchange Server for Attacks2022-12-27T07:20:19-05:00

Microsoft Exchange Server Security: The 10 Best Ways to Secure Your Server

Security breaches cause organizational chaos, financial and reputation risk. Given how organizations have shifted to a hybrid of in-office and work-from-home, there is a significant increase in the security threat landscape, and it’s more important than ever to improve and harden Exchange Server security. These best practices help provide a baseline security framework that all [...]

Microsoft Exchange Server Security: The 10 Best Ways to Secure Your Server2025-03-17T09:16:37-04:00

Microsoft Exchange – Messageware Q3 2022 Newsletter

Exciting news, MEC (The Microsoft Exchange Conference) is back! The biggest Exchange gathering of the year will be taking place ‘virtually’ Sept 13-14, 2022. It’s been 8 years since the last MEC and we’re excited for candid Q&A and hearing more from Microsoft on the future of Exchange Server. Here’s a link to the registration - https://aka.ms/MECAirlift! Released: [...]

Microsoft Exchange – Messageware Q3 2022 Newsletter2022-08-24T10:47:09-04:00

Microsoft August 2022 Patch Tuesday: Exchange Server vulnerabilities fixed

Microsoft has released security updates (SUs) for vulnerabilities found in: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 The SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Although we are not aware of any active exploits in the wild, our recommendation is to immediately install these updates to [...]

Microsoft August 2022 Patch Tuesday: Exchange Server vulnerabilities fixed2023-04-24T06:56:38-04:00

Customer Stories – A Missouri Police Department

When Messageware was approached by a Missouri police department to assist with administrative streamlining, Messageware had the ideal solution. Issues at Hand The department’s administrative staff had been complaining of no MailTo ability for attachments since moving to Office 365. Staff had to re-login to the Outlook web session before they could navigate to attach [...]

Customer Stories – A Missouri Police Department2022-08-24T09:48:49-04:00

Customer Stories – Australian Apparel Retail Chain

When an Australian family-owned apparel retailer found Office 365 hindering their 500+ employees they turned to Messageware. The issue at hand: A customer since 2016, their business uses over one hundred Office 365 K1 Kiosk accounts for their retail stores. As none of these kiosks have mail clients installed on their local computers, they were [...]

Customer Stories – Australian Apparel Retail Chain2024-12-03T11:04:30-05:00

Collision Repair Centre uses ActiveSend to Accelerate Assessment Process with Outlook Web

When a chain of collision repair centers in the northeast USA discovered that Outlook web was hindering their unmatchable turnaround times, they approached Messageware. The issue at hand: Staff capture repair estimates for submission to insurers using kiosks conveniently located beside damaged vehicles. However, submitting a vehicle collision report becomes frustrating and time-consuming because Outlook [...]

Collision Repair Centre uses ActiveSend to Accelerate Assessment Process with Outlook Web2022-08-24T09:47:13-04:00

IceApple exploit framework targeting Microsoft Exchange servers

Stealthy, “highly sophisticated” post-exploitation framework used for data exfiltration likely the work of a state-sponsored threat actor. In late 2021, security researchers on CrowdStrike’s Falcon OverWatch team first detected a modular exploit targeting Microsoft Exchange Servers. Dubbed IceApple, the .NET-based framework has been observed in “distinct locations” and primarily directed toward entities in government, academic [...]

IceApple exploit framework targeting Microsoft Exchange servers2022-12-27T07:22:34-05:00