[HN Gopher] New Microsoft Exchange zero-days allow RCE, data the... ___________________________________________________________________ New Microsoft Exchange zero-days allow RCE, data theft attacks Author : croes Score : 36 points Date : 2023-11-04 21:43 UTC (1 hours ago) (HTM) web link (www.bleepingcomputer.com) (TXT) w3m dump (www.bleepingcomputer.com) | Zelphyr wrote: | How much worse does it have to get before someone holds Microsoft | accountable for being criminally negligent? They have a 20+ year | history of virtually non-existent concern for security. | wannacboatmovie wrote: | At least as criminally negligent as Apple, Google, and the | Linux Foundation! | sighansen wrote: | We just ditched slack in favour of teams at our company, because | slack wasn't "secure" enough. I feel like I see a headline like | this twice a month. I can't ever remember seeing a similar | headline for slack. | jbverschoor wrote: | Time for virtualized workstations desktops.. | | Qubes or containers with X11 | gustavus wrote: | > Despite Microsoft acknowledging the reports, its security | engineers decided the flaws weren't severe enough to guarantee | immediate servicing, postponing the fixes for later. | | Well that is an egregious display of bullhockey and an almost | criminal level of negligence. RCE is basically a game over level | exploit. ___________________________________________________________________ (page generated 2023-11-04 23:00 UTC)