https://sputnikglobe.com/20210823/uk-govt-police-servers-reportedly-vulnerable-to-new-microsoft-email-hack-1083696986.html

UK Gov't, Police Servers Reportedly Vulnerable to New Microsoft Email Hack

Sputnik International

The reported vulnerabilities, highlighted by a former Microsoft employee, are said to allow hackers to remotely execute code on an email server, without having... 23.08.2021, Sputnik International

2021-08-23T23:44+0000

2023-05-28T15:15+0000

world

newsfeed

hackers

ransomware

servers

microsoft

united kingdom (uk)

https://cdn1.img.sputnikglobe.com/img/105507/05/1055070585_0:193:3281:2048_1920x0_80_0_0_cfc6b268a90d5a34ac31f107d3b9c34a.jpg

Hackers are targeting Microsoft email servers using a set of vulnerabilities named ProxyShell that was earlier revealed by Orange Tsai at the BlackHat conference, with some UK and US government entities possibly at risk, according to security researchers.Kevin Beaumont, who used to work at Microsoft, penned an article highlighting the vulnerabilities and how they are exploited by hacker groups, blasting Microsoft for "knowingly awful" messaging to their customers to update their software to patch the vulnerabilities.According to the security researcher, the vulnerabilities are "extremely serious", as they allow hackers to remotely execute code on email servers, without needing a password.Beaumont noted in his article that "many US government systems are unpatched". According to Sky News, several servers on the British government's gov.uk domain, along with the police.uk domain used in England, Wales and Northern Ireland, are still vulnerable to attack.The UK's National Cyber Security Centre told the outlet it was "aware of ongoing global activity targeting previously disclosed vulnerabilities in Microsoft Exchange servers", but did not see evidence of any UK entities compromised.Concerns in regard to Microsoft Exchange hacking attacks intensified earlier in the year, with the US and the UK accusing China of being involved in ransomware attacks in which an estimated 400,000 servers were said to have been affected. Beijing denied the claims.

united kingdom (uk)

Sputnik International

feedback@sputniknews.com

+74956456601

MIA „Rosiya Segodnya“

252

2021

Daria Bedenko

News

en_EN

Sputnik International

feedback@sputniknews.com

+74956456601

MIA „Rosiya Segodnya“

252

1920

1080

true

1920

1440

true

https://cdn1.img.sputnikglobe.com/img/105507/05/1055070585_23:0:3281:2048_1920x0_80_0_0_3d9300855a468d326720283db1273559.jpg

1920

true

Sputnik International

feedback@sputniknews.com

+74956456601

MIA „Rosiya Segodnya“

252

Daria Bedenko

newsfeed, hackers, ransomware, servers, microsoft, united kingdom (uk)

UK Gov't, Police Servers Reportedly Vulnerable to New Microsoft Email Hack

23:44 GMT 23.08.2021 (Updated: 15:15 GMT 28.05.2023)

Ransomware attacks global IT systems - Sputnik International, 1920, 23.08.2021

Go to the mediabank

Daria Bedenko

All materials Write to the author

The reported vulnerabilities, highlighted by a former Microsoft employee, are said to allow hackers to remotely execute code on an email server, without having to enter a password.

Kevin Beaumont, who used to work at Microsoft, penned an article highlighting the vulnerabilities and how they are exploited by hacker groups, blasting Microsoft for "knowingly awful" messaging to their customers to update their software to patch the vulnerabilities.

"Microsoft decided to downplay the importance of the patches and treat them as a standard monthly Exchange patch, which have been going on for — obviously — decades", Beaumont wrote.

According to the security researcher, the vulnerabilities are "extremely serious", as they allow hackers to remotely execute code on email servers, without needing a password.

"To make matters worse, Microsoft failed to allocate CVEs for these vulnerabilities until July — 4 months after the patches were issued", Beaumont noted. "Given many organizations vulnerability manage via CVE, it created a situation where Microsoft’s customers were misinformed about the severity of one of the most critical enterprise security bugs of the year."

Beaumont noted in his article that "many US government systems are unpatched". According to Sky News, several servers on the British government's gov.uk domain, along with the police.uk domain used in England, Wales and Northern Ireland, are still vulnerable to attack.

"Customers who have applied the latest updates are already protected against these vulnerabilities", a spokesperson for Microsoft said, cited by Sky News.

Multiple threat actors are now exploiting Exchange ProxyShell vulnerabilities in the wild, at scale, including a ransomware group. My write up.https://t.co/L5VUEGFnK4
— Kevin Beaumont (@GossiTheDog) August 21, 2021

The UK's National Cyber Security Centre told the outlet it was "aware of ongoing global activity targeting previously disclosed vulnerabilities in Microsoft Exchange servers", but did not see evidence of any UK entities compromised.

"The NCSC urges all organisations to install the latest security updates to protect themselves and to report any suspected compromises via our website," it added.

Concerns in regard to Microsoft Exchange hacking attacks intensified earlier in the year, with the US and the UK accusing China of being involved in ransomware attacks in which an estimated 400,000 servers were said to have been affected. Beijing denied the claims.