Critical Exchange Server Vulnerability Fixed In Recent Security Patch Was Already Exploited, Warns Microsoft

Microsoft has cautioned about a critical flaw in Exchange Server, CVE-2024-21410, exploited before this month's Patch Tuesday. This vulnerability enables remote attackers to escalate privileges via NTLM relay attacks on vulnerable Exchange Server versions. In such assaults, attackers manipulate network devices to authenticate against an NTLM relay server under their control, gaining unauthorized access. This could lead to credential leaks and subsequent privilege escalation, allowing attackers to perform operations on the Exchange server on behalf of the victim. Read more...