On March 2nd, 2021, Volexity reported the in-the-wild exploitation of the following Microsoft Exchange Server vulnerabilities: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065. Further investigation uncovered that an attacker was exploiting a zero-day and used in the wild. The attacker was using the vulnerability to steal full contents of several user mailboxes. This vulnerability is remotely exploitable and does not require authentication or special knowledge or access to a specific environment. Our teams are working across the board, side-by-side with other industry leaders, to provide the best protection against these attacks.
REQUEST IMMEDIATE HELPBased on signatures and indicators observed, Check Point is making sure its customers are protected against those exploits. In addition, we recommend immediately updating all Microsoft Exchange Servers to the latest patched versions available by Microsoft. Check Point is closely monitoring the situation and will provide further updates if needed.
LEARN MOREAt any moment, day or night, your organization can be victimized by devastating cybercrime. You can’t predict when cyberattacks will happen, but you can use proactive incident response to quickly mitigate its effects or prevent them altogether.
HOTLINE LISTIntrusion Prevention Systems detect or prevent attempts to exploit weaknesses in vulnerable systems or applications, protecting you in the race to exploit the latest breaking threat. Check Point IPS protections in our Next Generation Firewall are updated automatically. Whether the vulnerability was released years ago, or a few minutes ago, your organization is protected.
REQUEST A DEMOCheck Point Research publications and intelligence sharing fuel the discovery of new cyber threats and the development of the international threat intelligence community to keep you secure.
GET THE LATEST THREAT & CYBER RESEARCH