IT executives should ensure operational teams allocate resources to accelerated patching, enforce least-privilege access controls, and strengthen monitoring for anomalous activity across systems that cannot be patched immediately, he stressed. “A focused, time-bound remediation plan, beginning with actively exploited and RCE vulnerabilities, will provide the greatest reduction in organizational risk and the strongest defense against potential widespread compromise,” he said.
Unfortunately, said Kevin Breen, senior director of cyber threat research at Immersive, Microsoft has not provided any details on how this exploit is being abused or provided any indicators of compromise, making it harder for defenders to start proactive threat hunting.
Holes in Exchange Server
Michael Walters, president of Action1, drew attention to two vulnerabilities in Microsoft Exchange Server:
