Safeguard
Tag

microsoft-exchange

Safeguard articles tagged "microsoft-exchange" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Vulnerability Analysis

ProxyShell (CVE-2021-34473) Explained: The Exchange Path Confusion Behind a Pre-Auth RCE Chain

CVE-2021-34473 is the path-confusion flaw at the head of ProxyShell — a three-bug Microsoft Exchange chain that took unauthenticated attackers all the way to remote code execution.

Jul 2, 20265 min read
Vulnerability Analysis

ProxyLogon (CVE-2021-26855) Explained: The Exchange SSRF That Opened a Pre-Auth Door

CVE-2021-26855, ProxyLogon, is a server-side request forgery in Microsoft Exchange that let unauthenticated attackers impersonate the server — the first link in a chain to full remote code execution.

Jul 1, 20265 min read
Vulnerability Analysis

ProxyLogon Microsoft Exchange RCE chain (CVE-2021-26855)

A deep dive into ProxyLogon (CVE-2021-26855 and chain): the unauthenticated Exchange RCE that enabled HAFNIUM and mass ransomware attacks.

Jan 17, 20267 min read
Zero-Day Exploits

ProxyNotShell CVE-2022-41040: Microsoft Exchange Under Fire Again

ProxyNotShell chained two Exchange vulnerabilities for authenticated RCE, exploited in the wild for weeks before Microsoft delivered a patch. Exchange admins were running out of patience.

Sep 30, 20226 min read
Vulnerability Analysis

ProxyShell: The Microsoft Exchange Exploit Chain That Wouldn't Stop

ProxyShell chained three Exchange vulnerabilities for unauthenticated remote code execution. Months after patches were available, thousands of servers remained exposed.

Aug 12, 20217 min read
Zero-Day Exploits

Microsoft Exchange HAFNIUM Attack: Four Zero-Days That Compromised 30,000 Organizations

Chinese state-sponsored group HAFNIUM exploited four zero-day vulnerabilities in Microsoft Exchange Server, compromising an estimated 30,000 US organizations and hundreds of thousands globally.

Jun 20, 20215 min read
microsoft-exchange — Safeguard Blog