Exchange 2013

Exchange and the Turla LightNeuron Attack

by Tony Redmond

Turla, a Russian cyber-espionage group is reported as being behind an attack on Exchange on-premises servers that uses transport agents to capture and process messages for selected users. It's an attack vector that hasn't been seen before and raises the question of how often administrators should review transport agents active on their servers. The important point is that unless your network is compromised, hackers cannot install transport agents on Exchange servers and this attack is more theoretical than practical.

Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches

with 3 Comments by Tony Redmond

The recent exposure of a privilege elevation vulnerability that exists in the control Exchange has over Active Directory and EWS push notifications is fixed by cumulative updates for Exchange 2013, Exchange 2016, and Exchange 2019 and a roll-up update for Exchange 2010 SP3. These changes mark an architectural modification for Exchange, something that Microsoft is loathe to do outside major releases. Install the updates now!

Petri Newsletter Sign-up
Tech Tuesday

Subscribe to Tech Tuesday, the latest insights from Petri.com for IT Pros.

    See All Petri Newsletters

    Register for this Petri Webinar!

    Software-Defined Backup Storage: Agnostic, Easy and Cloud-Ready

    Tuesday, August 27, 2019 @ 1:00 pm EDT

    A Scale-Out Backup storage infrastructure is a must-have technology for your backups. In this webinar, join expert Rick Vanover for a look on what real-world problems are solved by the Scale-Out Backup Repository.

    Register Now

    Sponsored By