What you need to know
- A strain of ransomware called DearCry is being used to target unpatched Exchange servers.
- Microsoft has released patches for Exchange servers, but some organizations have not patched systems yet.
- Check Point Research reports that exploitation attempts doubled every 2-3 hours over a recent 24-hour period.
While Microsoft has rolled out emergency patches to address vulnerabilities on its Exchange server software, many systems remain unpatched. Attackers are now increasingly going after unpatched systems. A strain of ransomware called DearCry is being utilized by attackers to target unpatched on-premises Exchange servers (via ZDNet).
Microsoft has detected and is now blocking the new family of ransomware, but it's still vital for organizations to patch their servers and take other security measures.
The Microsoft Security Intelligence Twitter account discussed the ransomware recently. A subsequent Tweet explains that Microsoft Defender customers utilizing automatic updates don't need to take any additional action.
Microsoft Defender customers utilizing automatic updates do not need to take additional action to receive these protections. On-premises Exchange Server customers should prioritize the security updates outlined here: https://t.co/DL1XWnitYOMicrosoft Defender customers utilizing automatic updates do not need to take additional action to receive these protections. On-premises Exchange Server customers should prioritize the security updates outlined here: https://t.co/DL1XWnitYO— Microsoft Security Intelligence (@MsftSecIntel) March 12, 2021March 12, 2021
According to Check Point Research (CPR), threat actors are increasing their attacks on vulnerable servers. Over 24 hours, CPR saw exploitation attempts on organizations double every 2-3 hours.
CPR states in its blog:
CPR explains that if an attacker manages to utilize unpatched vulnerabilities, they can obtain corporate emails and place damaging code within organizations.
Sean Endicott brings nearly a decade of experience covering Microsoft and Windows news to Windows Central. He joined our team in 2017 as an app reviewer and now heads up our day-to-day news coverage. If you have a news tip or an app to review, hit him up at firstname.lastname@example.org (opens in new tab).
Get the best of Windows Central in in your inbox, every day!
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.