erek
[H]F Junkie
- Joined
- Dec 19, 2005
- Messages
- 10,786
Two US municipalities breached so far !!!!!!!!!!!!
"The sense of urgency in addressing this should be easy to understand.
The bug is a so-called pre-auth RCE (pre-authentication remote code execution). Pre-auth RCEs are extremely attractive to attackers as they are easy to automate and exploit.
Second of all, SharePoint is a very popular product, with Microsoft boasting with more than 200,000 installs across the globe, making this a huge attack surface, most of which are high-value government organizations and big corporations."
https://www.zdnet.com/article/fbi-nation-state-actors-have-breached-two-us-municipalities/
"The sense of urgency in addressing this should be easy to understand.
The bug is a so-called pre-auth RCE (pre-authentication remote code execution). Pre-auth RCEs are extremely attractive to attackers as they are easy to automate and exploit.
Second of all, SharePoint is a very popular product, with Microsoft boasting with more than 200,000 installs across the globe, making this a huge attack surface, most of which are high-value government organizations and big corporations."
https://www.zdnet.com/article/fbi-nation-state-actors-have-breached-two-us-municipalities/