Updates on Microsoft Exchange Server Vulnerabilities

Original release date: April 12, 2021

CISA has added two new Malware Analysis Reports (MARs) to Alert AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities.

MAR-10330097-1.v1: DearCry Ransomware identifies ransomware that has been used to exploit compromised on-premises Exchange servers. The malware encrypts files on a device and demands ransom in exchange for decryption.
MAR-10331466-1.v1: China Chopper Webshell identifies a China Chopper webshell observed in post-compromised Microsoft Exchange Servers. After successfully exploiting a Microsoft Exchange Server vulnerability for initial accesses, a malicious cyber actor can upload a webshell to enable remote administration of the affected system.

CISA encourages users and administrators to review the following resources for more information:

This product is provided subject to this Notification and this Privacy & Use policy.

admin

MyDoom.B Virus

Systems Affected Any system running Microsoft Windows (Windows 95 and newer) that are used…

1 month ago

Systems Affected Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer…

1 month ago

Systems Affected Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point…

1 month ago

Systems Affected Systems running Microsoft Windows Overview Microsoft Windows contains multiple vulnerabilities,…

1 month ago

Systems Affected Systems running Microsoft Office XP and Outlook 2002 Overview There…

1 month ago

Systems Affected Applications and systems that use the OpenSSL SSL/TLS library Overview …

1 month ago

This website uses cookies.