Security News > 2019 > January > You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit
2019-01-25 00:31
Easily swapped hashed passwords gives Domain Admin rights via API call. Fix may land next month Microsoft Exchange appears to be currently vulnerable to a privilege escalation attack that allows any user with a mailbox to become a Domain Admin.…
News URL
http://go.theregister.com/feed/www.theregister.co.uk/2019/01/25/microsoft_exchange_hashed_passwords/
Related news
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Zero-day exploits plague Ivanti Connect Secure appliances for second year running (source)
- Nominet probes network intrusion linked to Ivanti zero-day exploit (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- Microsoft: Exchange 2016 and 2019 reach end of support in October (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)