Security News > 2021 > March > This new Microsoft tool checks Exchange Servers for ProxyLogon hacks
Microsoft has released a PowerShell script that admins can use to check whether the recently disclosed ProxyLogon vulnerabilities have hacked a Microsoft Exchange server.
On March 2nd, Microsoft released out-of-band emergency security updates to fix four zero-day vulnerabilities actively used in attacks against Microsoft Exchange.
When chained together, these vulnerabilities are known as 'ProxyLogon' and allow the threat actors to perform remote code execution on publicly exposed Microsoft Exchange servers utilizing Outlook on the web.
Yesterday, Microsoft released a PowerShell script on the Microsoft Exchange support engineer's GitHub repository named Test-ProxyLogon.
Microsoft provides the following instructions on using the script to check a single Microsoft Exchange server or all servers in your organization.
As it has been reported that over 30,000 Exchange Servers have been compromised in this attack, all organizations must prioritize installing the new Exchange security updates and ensuring they have not been targeted in these attacks.
News URL
Related news
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Veeam RCE bug lets domain users hack backup servers, patch now (source)
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
- Hijacked Microsoft web domain injects spam into SharePoint servers (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft investigates global Exchange Admin Center outage (source)