With all the data breaches having taken place here in the US and around the world, it seems seriously logical that this exploit could be the one serious reason why it's taking place. For Microsoft Exchange to be currently vulnerable to a privilege escalation attack that allows any user with a mailbox to become a Domain Admin totally speaks volumes about the lack of quality in MS Server products. It also speaks volumes about the complacency of IT professionals who act like they know their jobs when they actually do not.
The attack relies on two Python-based tools: privexchange.py and ntlmrelayx.py. It has been tested on Exchange 2013 (CU21) on Windows Server 2012 R2, relayed to a (fully patched) Windows Server 2016 DC, and on Exchange 2016 (CU11) on Windows Server 2016, relayed to a Server 2019 DC, again fully patched.
These are the mainstay OSes being utilized by most larger corporations around the world. Microsoft sends this garbage out in response.
"Microsoft has a strong commitment to security and a demonstrated track record of investigating and proactively updating impacted devices as soon as possible," a Microsoft spokesperson said. "Our standard policy is to release security updates on Update Tuesday, the second Tuesday of each month."
Amazing isn't it?