Microsoft IOC Detection Tool for Exchange Server Vulnerabilities
Microsoft has released emergency out-of-band security updates that
address four zero-day issues (CVE-2021-26855, CVE-2021-26857,
CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange
versions that are actively exploited in the wild.
Researchers at the MS Exchange Server team have released a script that
could be used by administrators to check if their installs are
vulnerable to the recently disclosed vulnerabilities.
Microsoft released the tool as open-source on GitHub, it can be used to
check the status of Exchange servers.
“Formerly known as Test-Hafnium, this script automates all four of the
commands found in the Hafnium blog post.” states Microsoft. “It also has
a progress bar and some performance tweaks to make the CVE-2021-26855
test run much faster.
Download the latest release here: Download
For more information about these vulnerabilities and how to defend
against their exploitation, Please check:
PetitPotam: Microsoft Windows Server NTLM Relay Attacks on Active Directory Certificate Services (AD CS)
26 Jul 2021 - Security Advisories & Alerts
25 Jul 2021 - Security Advisories & Alerts