Security researcher Janggggg recently released a proof-of-concept exploit for the Exchange RCE bug (an actively exploited vulnerability affecting Microsoft Exchange Severs).
The bug, which is being tracked as CBE-2021-42321, will affect in-premises Exchange Servers 2016 and 2019, respectively. While Microsoft urged administrators to fix the bug immediately, Microsoft stated, “We are aware of limited targeted attacks in the wild using one of the vulnerabilities (CVE-2021-42321), which is a post-authentication vulnerability in Exchange 2016 and 2019. Our recommendation is to install these updates immediately to protect your environment.”
For those who want to patch their servers, they can do so by generating a quick inventory list of all Exchange servers that need to be updated with the latest version of the Exchange Server Health Checker script.
Those who want to check if their servers have been compromised by the bug should run PowerShell queries on any Exchange server.
For more information, read the original story in Bleeping Computer.
