07 JANUARY 2019
Microsoft Exchange Server Vulnerable to Exploit from a Simple Email
Microsoft users are urged to update their systems following the discovery of a malicious vulnerability in Microsoft Exchange
The remote code execution vulnerabilities (CVE-2019-0547 and CVE-2019-0586), according to Microsoft, exist in Microsoft Exchange software when the software fails to properly handle objects in memory. They can be exploited by merely sending an email to a vulnerable server.
An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the system user. The hacker could then install programs; view, change or delete data; or create new accounts.
Vulnerability, CVE-2019-0547, has been given Microsoft’s highest Exploit Index rating, meaning the bug is highly exploitable. Receiving emails is a large part of what Exchange is and if not fixed, can be detrimental to your company’s network. Failed exploit attempts can result in denial-of-service conditions.
The technology giant’s update focuses on the vulnerability by correcting how Microsoft Exchange handles the objects in memory.
Alongside the above, the patch for CVE-2019-0550 and CVE-2019-0551 should be noted as high priority. These represent a pair of remote code execution vulnerabilities in Windows Hyper-V, which if exploited, could allow the attackers to execute arbitrary code on the host operating system.
Overall, the majority of issues released this month were detected in the scripting engines of the Edge and Internet Explorer browsers and concerned remote code execution vulnerabilities.
Fixes were also announced for Office after a remote execution flaw (CVE-2019-0585) was discovered in Word, a disclosure bug in Exchange (CVE-2019-0588), and three cross-site scripting vulnerabilities in SharePoint.