Microsoft Warns of Exploited Exchange Server Zero-Day

February 15, 2024 at 06:45AM

A critical vulnerability in Exchange Server (CVE-2024-21410) is actively exploited, enabling privilege escalation and NTLM hash relay attacks. Microsoft issued a warning and released Exchange Server 2019 CU14 to address the flaw. Furthermore, Check Point disclosed another critical-severity Outlook vulnerability (CVE-2024-21413) allowing remote code execution through crafted hyperlinks. Both companies advise applying security updates and remaining cautious.

The key takeaways are:

1. Microsoft has addressed a critical vulnerability in Exchange Server (CVE-2024-21410) through the release of Exchange Server 2019 Cumulative Update 14 (CU14).
2. The vulnerability allows for privilege escalation through NTLM credential relay, and Microsoft has now recognized active exploitation of this flaw.
3. A separate critical-severity vulnerability in Outlook (CVE-2024-21413), which allowed attackers to bypass Office Protected View and execute code remotely, has also been resolved.
4. Check Point has revealed details about the #MonikerLink bug, which allows for arbitrary code execution by exploiting crafted hyperlinks in Outlook.
5. Both individual users and organizations are strongly advised to apply any patches or security updates provided by Microsoft, follow recommended security practices, and remain vigilant against suspicious hyperlinks and emails.
