"Microsoft Exchange Server: Patched Critical Bug Under Active Exploitation"
Microsoft has warned about a critical vulnerability in Exchange Server, tracked as CVE-2024-21410, which was exploited as a zero-day before being fixed during this month's Patch Tuesday. The flaw allows remote unauthenticated threat actors to escalate privileges in NTLM relay attacks targeting vulnerable Microsoft Exchange Server versions. Microsoft has released Exchange Server 2019 Cumulative Update 14 (CU14) to address this vulnerability and enable NTLM credentials Relay Protections to mitigate authentication relay and man-in-the-middle attacks. Admins are advised to evaluate their environments and review Microsoft's documentation before toggling EP on their Exchange servers to avoid breaking functionality.