• Plus member bonus – Exchange security issue

    Home » Forums » Newsletter and Homepage topics » Plus member bonus – Exchange security issue

    Author
    Topic
    #2348413

    For those of you that are small businesses, I have uploaded to the Master Patch list page some special links, resources and a  Plus member only video
    [See the full post at: Plus member bonus – Exchange security issue]

    Susan Bradley Patch Lady/Prudent patcher

    Viewing 2 reply threads
    Author
    Replies
    • #2348557

      With a problem as large as this you restrict this vital information to the Pro members area ONLY?

      • #2348604

        It relates to business mail users not home or consumer users.  Since it doesn’t apply to most of the membership, it’s a bonus to the Plus members that are business owners/consultants.

        Susan Bradley Patch Lady/Prudent patcher

    • #2349045

      MAJOR Problem: The patch list apparently tells businesses to install the infected Exchange patches!

      Those should be updated to be marked “DO NOT INSTALL, INFECTED!!”

      Those kinds of patch rejections is why most of us pay for access to the patch lists (and also why we generally defer Microsoft updates for longer than officially recommended).

      Also, the fact that someone was able to infiltrate the update system itself at Microsoft raises major questions as to the level of trust that should be placed in Microsoft updates.

      • #2349055

        Update: Some news media reported that it was the Exchange patches themselves that had been compromised, not that the exchange servers were getting attacked with 0-days.

        • #2350145

          No, what they were referring to was that during the patch testing process they share “indicators of compromise” and information with antivirus vendors and other patch testers. It’s possible that one of THEM had been hacked and thus the information got leaked out because someone hacked their inbox/credentials.

          Susan Bradley Patch Lady/Prudent patcher

      • #2349294

        Where have you seen evidence that the patches were infected?
        Speculation isn’t enough for such an important issue.

        cheers, Paul

      • #2350147

        With my deepest respect but these Exchange updates were not infected.  No Microsoft updates systems were infiltrated.  I would recommend that you review this article:  https://www.wsj.com/articles/microsoft-probing-whether-leak-played-role-in-suspected-chinese-hack-11615575793?mod=djemalertNEWS

        Susan Bradley Patch Lady/Prudent patcher

    • #2350144

      Susan Bradley Patch Lady/Prudent patcher

    Viewing 2 reply threads
    Reply To: Plus member bonus – Exchange security issue

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: