Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment Re:The patch still leaves an open back door (Score 2) 26

I support a few Exchange servers. The vulnerability allowed attackers to drop a web shell on the server. The patches fix that vulnerability, but admins still need to remove the web shell and anything else left behind. Microsoft have actually published some good tools to help assess and resolve any problems including an nmap script to scan servers https://github.com/microsoft/C.... It will look for shells, IoCs in the logs and dumps of the lsass.exe process on the server (the scariest part of breach). Attackers could have accessed hashed NTLM credentials for any users logging into their mailboxes.

Slashdot Top Deals

2000 pounds of chinese soup = 1 Won Ton

Working...