New Microsoft PowerShell Script Checks Exchange Servers For ProxyLogon Hacks
On March 2nd Microsoft released an emergency security update to fix four ProxyLogon vulnerabilities that were actively used in attacks against Microsoft Exchange. Those vulnerabilities chained together are known as ProxyLogon and allow the remote code execution on publicly exposed Microsoft Exchange servers. Microsoft also disclosed a list of commands for server administrators to check if the server was hacked. Yesterday Microsoft released a PowerShell script on the Microsoft Exchange support engineer's GitHub repository Test-ProxyLogon.ps1 to automate the work for admins. Read more...