fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft: Exchange Updates Can Install Without Fixing Vulnerabilities

Microsoft: Exchange Updates Can Install Without Fixing Vulnerabilities

Due to the critical nature of recently issued Microsoft Exchange security updates, admins need to know that the updates may have installation issues on servers where User Account Control (UAC) is enabled.

Microsoft has added these warnings to all Exchange security updates released throughout the last few years.

Therefore, it was not surprising when we also saw it added to the support document for the Exchange Server 2019, 2016, and 2013 zero-day security updates released Tuesday.

Researchers and Microsoft employees have also been tweeting warnings to users to make sure the patches are actually being deployed on these problematic servers, given that some Exchange admins may not know about this known issue.

Also Read: In Case You Didn’t Know, ISO 27001 Requires Penetration Testing

Install as an administrator to patch bugs correctly

The known issue occurs because some files are not updated when installing the security updates manually by double-clicking the MSP installers as a normal user.

Microsoft says that the installer will not display any errors or messages to let you know that the Exchange security updates have not been installed correctly.

The only indication that something might be wrong is that Outlook on the web and the Exchange Control Panel (ECP) might suddenly stop working.

“This issue occurs on servers that are using User Account Control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services,” Microsoft explains.

To work around this known issue, Microsoft recommends installing the security updates as an administrator, from the command-line:

  1. Select Start, and type cmd.
  2. In the results, right-click Command Prompt, and then select Run as administrator.
  3. If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.
  4. Type the full path of the .msp file, and then press Enter.

Microsoft adds that the known issue would not occur if the Exchange Server security updates are installed through the Windows Update service.

The company also says that the Exchange services will be automatically restarted after applying the updates correctly.

Actively exploited Exchange vulnerabilities

The zero-day pre-auth RCE vulnerabilities patched Tuesday (two of them now dubbed ProxyLogon by the researchers who found them) are being exploited in ongoing attacks coordinated by multiple state-sponsored hacking groups.

Cybersecurity firm Huntress found web shells deployed on compromised Exchange servers while responding to these ongoing attacks, web shells that would provide the attackers with access to the servers even after they’re patched.

DHS-CISA said on Thursday that admins should investigate for signs of Microsoft Exchange Servers compromise going back to at least September 1, 2020.

Since they are under active exploitation, it is critical to check if they’ve installed correctly and adequately patched the security bugs.

Before updating your Microsoft Exchange servers, you will have to ensure that you’ve deployed a supported Cumulative Update (CU) and Update Rollup (RU) beforehand.

Also Read: 4 Considerations In The PDPA Singapore Checklist: The Specifics

More information on installing these patches is available in this article published by the Microsoft Exchange Team.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us