/plushcap/analysis/cloudflare/protecting-against-microsoft-exchange-server-cves

Protecting against recently disclosed Microsoft Exchange Server vulnerabilities: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065

What's this blog post about?

Cloudflare has deployed managed rules protecting customers against a series of remotely exploitable vulnerabilities found in Microsoft Exchange Server. Web Application Firewall (WAF) users with the Cloudflare Specials ruleset enabled are automatically protected against CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065. Microsoft recommends patching on-premise systems immediately to mitigate these vulnerabilities actively being exploited in the wild by attackers. Cloudflare has also taken the unusual step of immediately deploying rules in "Block" mode due to active attempted exploitation.

Company
Cloudflare

Date published
March 7, 2021

Author(s)
Patrick R. Donahue, Gabriel Gabor

Word count
564

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.