A vulnerability in the Microsoft Message Queuing Service (MSMQ) allows attackers to take control of a server using just a single packet of data. The component is also part of MS Exchange. A patch for the vulnerability is available and should be installed immediately.
A service neglected by Microsoft called Microsoft Message Queuing Service can currently be exploited by criminal hackers to attack corporate networks. Dubbed Queue Jumper, the vulnerability allows attackers to remotely inject and execute arbitrary code. Microsoft has already responded and is providing updates. Queue Jumper (CVE-2023-21154) has a criticality score of 9,8 out of 10.
Just one package to disaster
"Anyone who has not yet installed Microsoft's April patches should do so as soon as possible," recommends Tim Berghoff, Security Evangelist at G DATA CyberDefense AG. “Until a patch is installed, companies should definitely check whether port 1801/tcp can be reached on systems. If the MSMQ service is not required, disable it immediately.”
Operators of Exchange servers open to the Internet should therefore take a particularly close look. When setting up an Exchange server, some recommended components are installed automatically, including MSMQ.
More at GData.de
About G Data With comprehensive cyber defense services, the inventor of the anti-virus enables companies to defend themselves against cybercrime. Over 500 employees ensure the digital security of companies and users. Made in Germany: With over 30 years of expertise in malware analysis, G DATA conducts research and software development exclusively in Germany. The highest standards of data protection are paramount. In 2011, G DATA issued a “no backdoor” guarantee with the “IT Security Made in Germany” seal of trust from TeleTrust eV. G DATA offers a portfolio from anti-virus and endpoint protection to penetration tests and incident response to forensic analyzes, security status checks and cyber awareness training to defend companies effectively. New technologies such as DeepRay use artificial intelligence to protect against malware. Service and support are part of the G DATA campus in Bochum. G DATA solutions are available in 90 countries and have received numerous awards.