Tag :
Cyber Security

Introduction to Related Components

Exchange Server is a mail server developed by Microsoft to enable messaging and collaboration and establish the mail system for enterprises and schools. It has been recently adopted by major enterprises.

Introduction

After attackers are authenticated successfully, they can send a forged request to a certain server API and inject malicious deserialized content into the deserialization stream, to execute arbitrary commands, or even take over the server. The vulnerability only affects Microsoft Exchange 2010, but the exploit is easy and permission requirements are low, making attacks easier.

Impact

Affected Versions: Microsoft Exchange Server 2010 Service Pack 3

Timeline

  • Dec 9, 2020, Microsoft released a security patch.
  • Dec 9, 2020, Sangfor FarSight Labs released a vulnerability alert.

Remediation Solution

Microsoft has released a patch to fix the vulnerability. Please update it from the following link: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-17144

Sangfor Solution

  • For Sangfor NGAF customers, update NGAF security protection.
  • Sangfor Cloud WAF has automatically updated its database in the cloud. Those users are already protected from this vulnerability without needing to perform any additional operations.
  • Sangfor Cyber Command can detect attacks that exploit this vulnerability and can alert users in real-time. Users can integrate Cyber Command to NGAF to block an attacker's IP address.
  • Sangfor SOC has Sangfor security specialists available 24/7 to help you resolve any issues. For users with vulnerabilities, the SOC regularly reviews and updates device policies to ensure protection against this vulnerability.

Why Sangfor?

Sangfor Technologies Incident Response (IR) Services are vital to enterprises across the world. Not every attack can be prevented, even with the most cutting-edge security equipment, and not every company has the expertise to respond to an incident or breach. Statistics show that Incident Response services minimize the impact of attacks, maintain business continuity, and strengthen security for the entire business.

Sangfor Technologies is an APAC-based, global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing. Visit us at www.sangfor.com to learn more about Sangfor's Security solutions, and let Sangfor make your IT simpler, more secure and valuable.

 

Contact Us for Business Inquiry

Listen To This Post

Search

Keyword maximum 256 character

Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Related Articles

Cyber Security

UN and WHO Warn of Ransomware Healthcare Crisis Becoming a Global Threat

Date : 18 Nov 2024
Read Now
Cyber Security

Election Security: Cyber Fraud Through AI, Deep Fakes, and Social Engineering

Date : 13 Nov 2024
Read Now
Cyber Security

Critical SonicWall & Fortinet Vulnerabilities (CVE-2024-23113 & CVE-2024-47575) Threaten Organizations Globally

Date : 13 Nov 2024
Read Now

See Other Product

Platform-X
Sangfor Access Secure
Sangfor SSL VPN
Best Darktrace Cyber Security Competitors and Alternatives in 2024
Sangfor Omni-Command
Replace your Enterprise NGAV with Sangfor Endpoint Secure

Meet the Author

sangfor building image

Sangfor Technologies

Sangfor Technologies is a leading vendor of Cyber Security and Cloud Computing solutions. The majority of the blogs that you are seeing here are written by professionals working at Sangfor. We have a team of content writers, product managers and marketing experts who are taking care of writing articles on various topics that are relevant to our audience. Our team ensures that the articles published are factually correct and helpful to our customers and partners to know more about the recent trends on Cyber Security and Cloud, and how it can help their organizations.

  • facebook
  • twitter
  • linkedin
  • youtube
  • instagram
See Author's Detail