Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

ACSC issues new Microsoft Exchange alert

The Australian Cyber Security Centre has issued warnings for three vulnerabilities, referred to as ProxyShell, within the Microsoft Exchange servers.

user icon
Tue, 24 Aug 2021
ACSC issues new Microsoft Exchange alert
expand image

According to one of the Australian government’s leading cyber security agencies, the exploitable loopholes enable malicious actors to remotely gain access, through “unauthenticated remote code execution and arbitrary file upload with elevated privileges”.

The ACSC outlined that the following vulnerabilities were open for exploitation:

  • CVE-2021-34473
  • CVE-2021-34523
  • CVE-2021-31207

While Microsoft has already released patches for the updates in April and May of this year, the ACSC maintains that the alert status is high.

============
============

The ACSC recommends that users download the available patches, and assess their Microsoft Exchange Server for vulnerabilities.

The announcement comes following a troubled year for the Microsoft Exchange service.

Several 0-day exploits in the Microsoft Exchange servers were identified earlier this year, which resulted in an estimated 250,000 servers falling victim to a series of cyber attacks.

The attack had wide ranging consequences, both cyber and political, with top cyber spy chief Rachel Noble accusing the Chinese government of helping criminals to exploit the 0-day loopholes.

“To describe it in plain language, it would be like houses and buildings had faulty locks on the doors,” head of the Australian Signals Directorate Rachel Noble said.

“When the Chinese government became aware of those faulty locks on the doors, they went in and they propped all those doors open.

“What then happened was that there was opportunity for all sorts of criminals [and] other state actors – you name it – to pour in behind all those propped-open doors and get into your house or your building.”

The attack prompted international condemnation against the Chinese government for supporting the attack.

In July, the US, UK, EU, New Zealand and other NATO allies held the Chinese government responsible for the attacks.

“The Australian government is also seriously concerned about reports from our international partners that China's Ministry of State Security is engaging contract hackers who have carried out cyber-enabled intellectual property theft for personal gain and to provide commercial advantage to the Chinese government,” the statement read.

[Related: Top spy chief says PRC government helped cyber criminals with Microsoft Exchange hack to parliamentary inquiry]

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.