Monday 9 August 2021
The impact of this issue announcement is critical. Please act accordingly to rectify the issue, as stated below.
What you need to know:
Attackers are now actively exploiting ProxyShell vulnerabilities which were presented at this year’s Black Hat Conference. These vulnerabilities were just patched over the past few months (CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207) but are now being exploited by cyber criminals hoping to find vulnerable machines.
- Microsoft Exchange Server 2013
- Microsoft Exchange Server 2016
- Microsoft Exchange Server 2019
Actions to be taken:
Your organisation is at risk if you and haven’t yet updated your Microsoft Exchange Server to the May 2021 Cumulative Update package (KB5003435).