Security News > 2022 > October > S3 Ep102.5: “ProxyNotShell” Exchange bugs – an expert speaks [Audio + Text]
![S3 Ep102.5: “ProxyNotShell” Exchange bugs – an expert speaks [Audio + Text]](/static/build/img/news/s3-ep102-5-proxynotshell-exchange-bugs-an-expert-speaks-audio-text-medium.jpg)
You need a password, but finding one email address and password combination valid at any given Exchange server is probably not too difficult, unfortunately.
There are a surprising number of people who switched to the cloud, possibly several years ago, who were running both their on-premises and their cloud service at the same time during the changeover, who never got round to turning off the on-premises Exchange server.
In many cases, the criminals got into their network through Exchange servers that they thought they didn't have.
Like, somebody didn't check the list of VMs running on their VMware server to notice that their migratory Exchange servers that were assisting them during the forklifting of the data between their on-premise network and the cloud network.
Which to be honest, is somewhat fast for an Exchange server, they're very difficult to patch, with a lot of testing involved to be sure that it's reliable before you disrupt your email servers.
The good news is that I think a lot of security software, whether that be an IPS that may be integrated in your firewall, or endpoint security products that you have protecting your Microsoft Windows Server infrastructure.