Security News > 2021 > March > This new Microsoft tool checks Exchange Servers for ProxyLogon hacks
Microsoft has released a PowerShell script that admins can use to check whether the recently disclosed ProxyLogon vulnerabilities have hacked a Microsoft Exchange server.
On March 2nd, Microsoft released out-of-band emergency security updates to fix four zero-day vulnerabilities actively used in attacks against Microsoft Exchange.
When chained together, these vulnerabilities are known as 'ProxyLogon' and allow the threat actors to perform remote code execution on publicly exposed Microsoft Exchange servers utilizing Outlook on the web.
Yesterday, Microsoft released a PowerShell script on the Microsoft Exchange support engineer's GitHub repository named Test-ProxyLogon.
Microsoft provides the following instructions on using the script to check a single Microsoft Exchange server or all servers in your organization.
As it has been reported that over 30,000 Exchange Servers have been compromised in this attack, all organizations must prioritize installing the new Exchange security updates and ensuring they have not been targeted in these attacks.
News URL
Related news
- Microsoft confirms Windows Server 2025 blue screen, install issues (source)
- Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools (source)
- Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
- Microsoft fixes bugs causing Windows Server 2025 blue screens, install issues (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint (source)
- Microsoft re-releases Exchange updates after fixing mail delivery (source)
- Microsoft: “Hack” this LLM-powered service and get paid (source)