Microsoft fixes actively exploited Exchange zero-day bugs attacks (2nd Mar 2021). When service you are not in used, you should disable immediately.

Preface: The Microsoft Exchange Unified Messaging service on the Mailbox server will accept connections from a Client Access server on SIP ports 5062 and 5063.

Technical background: Unified Messaging (UM) enables users to use voice mail and other features, including Outlook Voice Access and Call Answering Rules. UM combines voice messaging and email messaging into one mailbox that can be accessed from many different devices.

Security Focus – Vulnerability details: This vulnerability is part of an attack chain. The initial attack requires the ability to make an untrusted connection to Exchange server port 443.

Workaround: Restrict untrusted connections, or by setting up a VPN to separate the Exchange server from external access.

Reference: u’Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length’ in Snapdragon Auto, Snapdragon Compute, …….

Official announcement https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26857

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.