Microsoft Exchange
Microsoft: Exchange Server Subscription Edition now available
Microsoft has announced that the Exchange Server Subscription Edition (SE) is now available to all customers of its enterprise email service. As the company explained, the Exchange Server SE RTM build released this week can be installed as a cumulative update (CU) on servers running Exchange Server 2019 CU15 or CU14, and it can also […]
Washington Post’s email system hacked, journalists’ accounts compromised
Email accounts of several Washington Post journalists were compromised in a cyberattack believed to have been carried out by a foreign government. The incident was discovered on Thursday evening and the publication started an investigation. On Sunday, June 15, an internal memo was sent to employees, informing them of a “possible targeted unauthorized intrusion into their […]
US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks
A 36-year-old Yemeni national, who is believed to be the developer and primary operator of ‘Black Kingdom’ ransomware, has been indicted by the United States for conducting 1,500 attacks on Microsoft Exchange servers. The suspect, Rami Khaled Ahmed, is accused of deploying the Black Kingdom malware on roughly 1,500 computers in the United States and abroad, […]
Microsoft: Exchange 2016 and 2019 reach end of support in six months
Microsoft warned that Exchange 2016 and Exchange 2019 will reach the end of support six months from now, on October 14. The Exchange Server Engineering Team also shared guidance for admins who need to decommission outdated servers until then, cautioning that Exchange 2016 and Exchange 2019 servers will be exposed to attacks since they’ll no […]
Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs
Microsoft says outdated Exchange servers cannot receive new emergency mitigation definitions because an Office Configuration Service certificate type is being deprecated. Emergency mitigations (also known as EEMS mitigations) are delivered via the Exchange Emergency Mitigation Service(EEMS), introduced three years ago in September 2021. EEMS automatically applies interim mitigations for high-risk (and likely actively exploited) security flaws […]
Microsoft: Exchange 2016 and 2019 reach end of support in October
Microsoft has reminded admins that Exchange 2016 and Exchange 2019 will reach the end of extended support in October and shared guidance for those who need to decommission outdated servers. Exchange 2016 reached its mainstream end date in October 2020, while Exchange 2019 reached the end of mainstream support on January 9, 2024. “On October 14, 2025, 9 months […]
Microsoft pulls Exchange security updates over mail delivery issues
Microsoft has pulled the November 2024 Exchange security updates released during this month’s Patch Tuesday because of email delivery issues on servers using custom mail flow rules. The company announced it pulled the updates from Windows Update and the Download Center following widespread reports from admins saying that email had stopped flowing altogether. This issue affects customers using transport rules (also known […]
Microsoft Exchange adds warning to emails abusing spoofing flaw
Microsoft has disclosed a high-severity Exchange Server vulnerability that allows attackers to forge legitimate senders on incoming emails and make malicious messages a lot more effective. The security flaw (CVE-2024-49040) impacts Exchange Server 2016 and 2019, and was discovered by Solidlab security researcher Vsevolod Kokorin, who reported it to Microsoft earlier this year. “The problem is that […]
Iranian hackers now exploit Windows flaw to elevate privileges
The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emirates and the Gulf region. In these attacks, spotted by Trend Micro researchers, OilRig deployed a novel backdoor, targeting Microsoft Exchange servers to steal credentials, and also exploited the Windows […]