Exchange vulnerability 03-03-2021

I posted this link on Discord, but decided to drop it on the forum as well.

This is not going to be pretty.


Yeah, this is a bad one.

Thank $Deity we’re on O365.

The Reddit thread(s) regarding this, especially in r\sysadmin, have been buzzing a lot. Lots of unhappy and pissed-off sysadmins trying to get to grips with this shitshow.

Some have been lucky. Some need to backup exchange data, and do a reinstall of Exchange and restore mailbox data.

We migrated to 0365 in November. May have been victim to this vulnerability, but can’t check the server to confirm as it has been decommissioned already.

Better say nothing to Manglement as nothing can be proven, and I don’t want to open a whoopass can of worms.

Current tally is 60K globally.

The “oof” meter just broke again.

We’re using Ironscales for our clients. It’s pretty good.

I’m waiting with dread for the first crypto-malware extortion incident.

It’s getting worse. The White House is warning that if a server is affected, the amount of time you’ve got to fix it is hours instead of days.

ominous drum roll

And it’s started. I was wondering when.

And today we have the major MS outage.

Orifice365 emails working for us

touch wood