Critical Microsoft Exchange Flaw Leaves Up to 97,000 Servers Vulnerable to Attack
-
Up to 97,000 Microsoft Exchange servers are vulnerable to a critical privilege escalation flaw (CVE-2024-21410) that is being actively exploited.
-
28,500 servers have been confirmed as vulnerable. The most impacted countries are Germany, U.S., U.K., France, Austria, Russia, Canada, and Switzerland.
-
The flaw allows remote unauthenticated attackers to perform NTLM relay attacks to escalate privileges on Exchange Servers.
-
Admins should apply the Exchange Server 2019 CU14 update released in February 2024 to enable NTLM Relay Protections.
-
Exploitation of the flaw can let attackers access confidential data and use compromised servers to further attack the network.