Ken Westin

Author's Posts

RQ Threat Advisory Report: HAFNIUM/Exchange Zero-Days

On March 2, 2021, Microsoft Security Response Center released updates related to vulnerabilities affecting on-premises deployments of Microsoft Exchange Server 2013/2016/2019. Microsoft also revealed details around active exploitation of these vulnerabilities using zero-day exploits. The exploited vulnerabilities span several classifications, including server-side request forgery (SSRF), deserialization, and a set of arbitrary file write vulnerabilities; all […]