Security News > 2021 > March > This new Microsoft tool checks Exchange Servers for ProxyLogon hacks
Microsoft has released a PowerShell script that admins can use to check whether the recently disclosed ProxyLogon vulnerabilities have hacked a Microsoft Exchange server.
On March 2nd, Microsoft released out-of-band emergency security updates to fix four zero-day vulnerabilities actively used in attacks against Microsoft Exchange.
When chained together, these vulnerabilities are known as 'ProxyLogon' and allow the threat actors to perform remote code execution on publicly exposed Microsoft Exchange servers utilizing Outlook on the web.
Yesterday, Microsoft released a PowerShell script on the Microsoft Exchange support engineer's GitHub repository named Test-ProxyLogon.
Microsoft provides the following instructions on using the script to check a single Microsoft Exchange server or all servers in your organization.
As it has been reported that over 30,000 Exchange Servers have been compromised in this attack, all organizations must prioritize installing the new Exchange security updates and ensuring they have not been targeted in these attacks.
News URL
Related news
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft investigates global Exchange Admin Center outage (source)
- Microsoft: Windows Server 2025 restarts break connectivity on some DCs (source)
- Microsoft: Exchange 2016 and 2019 reach end of support in six months (source)
- Microsoft fixes Windows Server 2025 blue screen, install issues (source)
- Oh, cool. Microsoft melts bug that froze Server 2025 Remote Desktop sessions (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Microsoft: Windows Server hotpatching to require subscription (source)
- Microsoft fixes Exchange Online bug flagging Gmail emails as spam (source)
- US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks (source)