CIRT.GY | Microsoft Exchange Servers Vulnerable to CVE-2020

Microsoft Exchange Servers Vulnerable to CVE-2020-0688 (March 10th, 2020)

Ref# Unpatched | Date: Mar 11th 2020

Microsoft Exchange Servers that are affected by a remote code execution vulnerability continue to be a target for malicious cyber attackers. This vulnerability is known as CVE-2020-0688.

Microsoft has provided software patches for various affected products in February 2020. However, advanced cyber attackers are continuously targeting unpatched servers.

Microsoft has since released an advisory on CVE-2020-0688:

CVE-2020-0688 | Microsoft Exchange Validation Key Remote Code Execution Vulnerability:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688

The Guyana National CIRT recommends users and administration to review these patches and apply them where necessary, as soon as possible.

References

Unpatched Microsoft Exchange Servers Vulnerable to CVE-2020-0688. (2020, March 10). Retrieved from Us-Cert: https://www.us-cert.gov/ncas/current-activity/2020/03/10/unpatched-microsoft-exchange-servers-vulnerable-cve-2020-0688