Microsoft: A Consistently Juicy Target
April 25, 2022
I am perched in Washington, DC, checking news flows. What did I spy this morning (April 24, 2022)? This article caught my eye: “Microsoft Exchange Servers Are Being Infected with Ransomware.” Is this a remembrance from times past? The story asserts as actual factual (but who knows anymore?):
In the attack the team studied, Hive commenced its assault via the exploitation of ProxyShell, a collection of Microsoft Exchange Server vulnerabilities (and critical ones at that) that provide a way for attackers to remotely execute code. Microsoft reportedly patched this problem in 2021.
The key phrase in this allegedly accurate write up is “Microsoft reported patched this problem in 2021.”
Several observations:
- Yo Windows Defender and the other Microsoft security systems, “What’s shaken’?”
- What’s with the “reportedly”? If the write up is accurate, the problem was fixed.
- How many thousands of bad actors are involved in this problem? Probably quite a few because this is CaaS, crime as a service.
Net net: Microsoft may be faced with security problems for which there is no reliable remediation. PR, however, is quite easy to deploy.
Stephen E Arnold, April 25, 2022