Microsoft: Now It Is the Chinese Because Russia, Well, Russia
October 3, 2022
Brad Smith, president of Microsoft Corp, pinned the blame for the SolarWinds misstep on 1000 super cyber warriors from the all-time leader in muffing bunnies. With Russia’s special operation, few would attribute technical superpowers to a nation state unable to refuel tanks or prevent troops from eating poisoned cookies offered by a grandmotherly type. China, I think it is your turn to be cast as the dark nemesis for the outstanding Microsoft Exchange Server.
“More Trouble for Exchange Server As Zero-Day Exploits Attacked” asserts:
Microsoft has acknowledged the issues in a post on the Security Response Center, identifying two vulnerabilities, one a Server Side Request Forgery, and another that allows remote code execution via PowerShell. These vulnerabilities are apparently being currently exploited, with signs pointing to China state sponsored hacking groups, who are known to use some of the web shells used in the attacks.
Are there fixes? Sure, the write-up reports:
The company also lists some possible detection techniques using Microsoft Sentinel, Defender for Endpoint, and Defender Antivirus.
Microsoft offers some after-the-fact words in this oracular Redmondian emission. Do I have some questions? Nah. Been there. Done that. Do I have observations? Nah, been there and done that too.
One thing could be added to the list of life’s certainties: Microsoft and security are the new peanut butter and jelly of technology. Bad actors love the combo.
Stephen E Arnold, October 3, 2022