Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
15-Feb-24
Microsoft has acknowledged active exploitation of a critical security flaw (CVE-2024-21410) in Exchange Server, impacting NTLM client authentication. The privilege escalation vulnerability allows attackers to relay leaked credentials against the Exchange server, potentially leading to unauthorized access. Microsoft has released patches, and the exploitation is currently detected. Additionally, other Windows flaws (CVE-2024-21351 and CVE-2024-21412) have been patched, with the latter exploited by an advanced persistent threat named Water Hydra to bypass Windows SmartScreen protections. Another critical flaw (CVE-2024-21413) affecting Outlook could lead to remote code execution by manipulating “file://” hyperlinks.
