Guardicore discovered that the Microsoft Exchange server’s Autodiscover feature design flaw leaked credentials of 100,000 users by trying to authenticate on untrusted third-party servers.
The breach of the Microsoft Exchange email server software is estimated to have hit tens of thousands of victims. The Biden administration has formally declared that Chinese state-backed APT groups were behind the original cyber attacks.
ProxyLogon vulnerabilities can cause significant issues for affected companies. Fortunately, Microsoft offered several solutions for fixing these problems, even providing one for people lacking on-site security assistance.
Microsoft says state-sponsored Chinese hackers exploited four Microsoft Exchange mail server zero-day vulnerabilities. CISA warned of potential widespread exploitation.