Where is the Malware?

We are left wondering about the Exchange vulnerability. To date, we have seen no malware exploiting this vulnerability on a mass scale. Even public exposure of exploit code has not been made. So, the question is why?

Are attackers holding this back for integration into a multi-exploit attack or did the recent VNC development distract them from the Exchange problem. Only time will tell.

We will keep our eyes open for development on this situation and let you know what we see. In the meantime, make sure you are applying the patch for Exchange and upgrading your VNC servers to the new version. We are seeing wide scans for the VNC problem, and SANS is reporting much attacker activity from this exploit.

This entry was posted in General InfoSec by Brent Huston. Bookmark the permalink.

About Brent Huston

I am the CEO of MicroSolved, Inc. and a security evangelist. I have spent the last 20+ years working to make the Internet safer for everyone on a global scale. I believe the Internet has the capability to contribute to the next great leap for mankind, and I want to help make that happen!

Leave a Reply