Updates on Microsoft Exchange Server Vulnerabilities

Original release date: April 12, 2021

CISA has added two new Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities.

MAR-10330097-1.v1: DearCry Ransomware identifies ransomware that has been used to exploit compromised on-premises Exchange servers. The malware encrypts files on a device and demands ransom in exchange for decryption.
MAR-10331466-1.v1: China Chopper Webshell identifies a China Chopper webshell observed in post-compromised Microsoft Exchange Servers. After successfully exploiting a Microsoft Exchange Server vulnerability for initial accesses, a malicious cyber actor can upload a webshell to enable remote administration of the affected system.

CISA encourages users and administrators to review the following resources for more information:

This product is provided subject to this Notification and this Privacy & Use policy.

admin

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems (ICS) advisories on July 24, 2025. These advisories provide…

12 hours ago

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

2 days ago

CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and…

3 days ago

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…

4 days ago

CISA is aware of active exploitation of a new remote code execution (RCE) vulnerability enabling unauthorized…

5 days ago

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

7 days ago

This website uses cookies.