[HN Gopher] New Microsoft Exchange zero-days allow RCE, data the...
       ___________________________________________________________________
        
       New Microsoft Exchange zero-days allow RCE, data theft attacks
        
       Author : croes
       Score  : 36 points
       Date   : 2023-11-04 21:43 UTC (1 hours ago)
        
 (HTM) web link (www.bleepingcomputer.com)
 (TXT) w3m dump (www.bleepingcomputer.com)
        
       | Zelphyr wrote:
       | How much worse does it have to get before someone holds Microsoft
       | accountable for being criminally negligent? They have a 20+ year
       | history of virtually non-existent concern for security.
        
         | wannacboatmovie wrote:
         | At least as criminally negligent as Apple, Google, and the
         | Linux Foundation!
        
       | sighansen wrote:
       | We just ditched slack in favour of teams at our company, because
       | slack wasn't "secure" enough. I feel like I see a headline like
       | this twice a month. I can't ever remember seeing a similar
       | headline for slack.
        
       | jbverschoor wrote:
       | Time for virtualized workstations desktops..
       | 
       | Qubes or containers with X11
        
       | gustavus wrote:
       | > Despite Microsoft acknowledging the reports, its security
       | engineers decided the flaws weren't severe enough to guarantee
       | immediate servicing, postponing the fixes for later.
       | 
       | Well that is an egregious display of bullhockey and an almost
       | criminal level of negligence. RCE is basically a game over level
       | exploit.
        
       ___________________________________________________________________
       (page generated 2023-11-04 23:00 UTC)