Trend Micro’s Zero Day Initiative (ZDI) has disclosed four zero-day vulnerabilities in Microsoft Exchange. The security flaws could enable threat actors to run arbitrary code and disclose sensitive information on victims’ machines. According to ZDI, the critical vulnerabilities were reported to Microsoft in September 2023, with CVSS scores ranging from 7.1 to 7.5. Surprisingly, Microsoft’s...
In this article, I explain how the recently discovered flaw in the Exchange Server Autodiscover protocol can leak user credentials. And how to mitigate the issue in your environment. Microsoft Exchange Server Autodiscover protocol leaks thousands of user credentials Researchers at security company Guardicore have released details of a security issue in the Autodiscover protocol…
This month there are just 58 bugs patched for Microsoft products, including a critical remote code execution flaw in Hyper-V and Microsoft issues a security advisory for Windows DNS.
Microsoft patches 112 bugs, including a zero-day for the Windows kernel.
Hardware vendors publish their solutions for Exchange through the Microsoft ESRP. The only thing is that some of the solutions are illogical and unworkable. In fact, some solutions are simply ridiculous. Sure, you could implement them – but at what cost and what level of reliability. But the solutions get your attention and that’s their purpose.
Google has made several improvements to G-Suite that make it easier for organizations that use both Google Calendar and Microsoft Exchange Server to integrate and maintain functionality across the two platforms.
Phoummala Schmitt shows you how to easily disable Outlook auto-mapping for users with full access permissions.