Security News > 2021 > March > This new Microsoft tool checks Exchange Servers for ProxyLogon hacks
Microsoft has released a PowerShell script that admins can use to check whether the recently disclosed ProxyLogon vulnerabilities have hacked a Microsoft Exchange server.
On March 2nd, Microsoft released out-of-band emergency security updates to fix four zero-day vulnerabilities actively used in attacks against Microsoft Exchange.
When chained together, these vulnerabilities are known as 'ProxyLogon' and allow the threat actors to perform remote code execution on publicly exposed Microsoft Exchange servers utilizing Outlook on the web.
Yesterday, Microsoft released a PowerShell script on the Microsoft Exchange support engineer's GitHub repository named Test-ProxyLogon.
Microsoft provides the following instructions on using the script to check a single Microsoft Exchange server or all servers in your organization.
As it has been reported that over 30,000 Exchange Servers have been compromised in this attack, all organizations must prioritize installing the new Exchange security updates and ensuring they have not been targeted in these attacks.
News URL
Related news
- Windows Server August updates fix Microsoft 365 Defender issue (source)
- Microsoft: August updates cause Windows Server boot issues, freezes (source)
- Microsoft: Exchange Online mistakenly tags emails as malware (source)
- Microsoft fixes Windows Server performance issues from August updates (source)
- Microsoft ends development of Windows Server Update Services (WSUS) (source)