Security News > 2019 > January > You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit
2019-01-25 00:31
Easily swapped hashed passwords gives Domain Admin rights via API call. Fix may land next month Microsoft Exchange appears to be currently vulnerable to a privilege escalation attack that allows any user with a mailbox to become a Domain Admin.…
News URL
http://go.theregister.com/feed/www.theregister.co.uk/2019/01/25/microsoft_exchange_hashed_passwords/
Related news
- Microsoft bigwig says the Feds catching Chinese spies in Exchange Online is the cloud working as intended (source)
- "Researchers" exploit Kraken exchange bug, steal $3 million in crypto (source)
- Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw (source)
- Zero-Day Exploits Cheat Sheet: Definition, Examples & How It Works (source)
- New Attack Technique Exploits Microsoft Management Console Files (source)
- Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days (source)
- Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) (source)
- Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) (source)
- Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer (source)