Protecting against recently disclosed Microsoft Exchange Server vulnerabilities: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065
Cloudflare has deployed managed rules protecting customers against a series of remotely exploitable vulnerabilities found in Microsoft Exchange Server. Web Application Firewall (WAF) users with the Cloudflare Specials ruleset enabled are automatically protected against CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065. Microsoft recommends patching on-premise systems immediately to mitigate these vulnerabilities actively being exploited in the wild by attackers. Cloudflare has also taken the unusual step of immediately deploying rules in "Block" mode due to active attempted exploitation.
Company
Cloudflare
Date published
March 7, 2021
Author(s)
Patrick R. Donahue, Gabriel Gabor
Word count
564
Language
English
Hacker News points
None found.