{"id":9805,"date":"2021-03-02T13:32:00","date_gmt":"2021-03-02T04:32:00","guid":{"rendered":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/?p=9805"},"modified":"2023-10-17T11:41:02","modified_gmt":"2023-10-17T02:41:02","slug":"microsoft-exchange-server%e3%81%ae%e8%a4%87%e6%95%b0%e3%81%ae%e8%84%86%e5%bc%b1%e6%80%a7%e3%81%ab%e9%96%a2%e3%81%99%e3%82%8b%e6%b3%a8%e6%84%8f%e5%96%9a%e8%b5%b7","status":"publish","type":"post","link":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/public\/heads-up\/microsoft-exchange-server%e3%81%ae%e8%a4%87%e6%95%b0%e3%81%ae%e8%84%86%e5%bc%b1%e6%80%a7%e3%81%ab%e9%96%a2%e3%81%99%e3%82%8b%e6%b3%a8%e6%84%8f%e5%96%9a%e8%b5%b7\/","title":{"rendered":"Microsoft Exchange Server\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u6ce8\u610f\u559a\u8d77"},"content":{"rendered":"\n

I. \u6982\u8981
2021\u5e743\u67082\u65e5\uff08\u7c73\u56fd\u6642\u9593\uff09\u3001\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u304b\u3089Microsoft Exchange Server\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u60c5\u5831\u304c\u516c\u958b\u3055\u308c\u307e\u3057\u305f\u3002
\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u305f\u5834\u5408\u3001\u9060\u9694\u306e\u7b2c\u4e09\u8005\u304cSYSTEM\u6a29\u9650\u3067\u4efb\u610f\u306e\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3059\u308b\u306a\u3069\u306e\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002
\u3053\u308c\u3089\u306e\u5185\u30014\u4ef6\u306e\u8106\u5f31\u6027\u306f\u3059\u3067\u306b\u653b\u6483\u3067\u306e\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u308b\u305f\u3081\u3001\u65e9\u6025\u306b\u5bfe\u7b56\u3092\u5b9f\u65bd\u3059\u308b\u3053\u3068\u3092\u63a8\u5968\u3057\u307e\u3059\u3002
\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u304c\u63d0\u4f9b\u3059\u308b\u60c5\u5831\u3092\u53c2\u7167\u3057\u3001\u65e9\u671f\u306e\u5bfe\u7b56\u5b9f\u65bd\u3092\u691c\u8a0e\u3057\u3066\u304f\u3060\u3055\u3044\u3002
\u53c2\u8003\uff1ahttps:\/\/www.jpcert.or.jp\/at\/2021\/at210012.html<\/a><\/p>\n

Microsoft The_Exchange_Team
Released: March 2021 Exchange Server Security Updates
https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/released-march-2021-exchange-server-security-updates\/ba-p\/2175901<\/a><\/p>\n

\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u682a\u5f0f\u4f1a\u793e
Exchange Server \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u516c\u958b (\u5b9a\u4f8b\u5916)
https:\/\/msrc-blog.microsoft.com\/2021\/03\/02\/20210303_exchangeoob\/<\/a><\/p>\n


II. \u5bfe\u8c61
\u5bfe\u8c61\u3068\u306a\u308b\u88fd\u54c1\u306f\u6b21\u306e\u3068\u304a\u308a\u3067\u3059\u3002\u306a\u304a\u3001Microsoft Exchange Online\u306f\u5f71\u97ff\u3092\u53d7\u3051\u306a\u3044\u3068\u306e\u3053\u3068\u3067\u3059\u3002<\/p>\n

– Microsoft Exchange Server 2019
– Microsoft Exchange Server 2016
– Microsoft Exchange Server 2013<\/p>\n


III. \u5bfe\u7b56
\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u304b\u3089\u8106\u5f31\u6027\u3092\u4fee\u6b63\u3059\u308b\u305f\u3081\u306e\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u304c\u516c\u958b\u3055\u308c\u3066\u3044\u307e\u3059\u3002
\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u306f\u3001\u307e\u305a\u5916\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b\u63a5\u7d9a\u3057\u3066\u3044\u308bExchange Server\u306b\u3066\u512a\u5148\u7684\u306b\u5bfe\u7b56\u3092\u5b9f\u65bd\u3059\u308b\u3053\u3068\u3092\u63a8\u5968\u3057\u3066\u3044\u307e\u3059\u3002
\u65e9\u671f\u306e\u5bfe\u7b56\u5b9f\u65bd\u3092\u691c\u8a0e\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n

– Microsoft Exchange Server 2019 (CU 8, CU 7)
– Microsoft Exchange Server 2016 (CU 19, CU 18)
– Microsoft Exchange Server 2013 (CU 23)<\/p>\n

\u306a\u304a\u3001\u3059\u3067\u306b\u30b5\u30dd\u30fc\u30c8\u304c\u7d42\u4e86\u3057\u3066\u3044\u308bMicrosoft Exchange Server 2010\u306b\u3064\u3044\u3066\u3082\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u304c\u63d0\u4f9b\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n


IV. \u95a2\u9023\u60c5\u5831
\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u306a\u3069\u304b\u3089\u3001\u89b3\u6e2c\u3057\u305f\u653b\u6483\u306e\u5185\u5bb9\u3092\u89e3\u8aac\u3059\u308b\u60c5\u5831\u304c\u516c\u958b\u3055\u308c\u3066\u3044\u307e\u3059\u3002
\u540c\u793e\u306e\u30d6\u30ed\u30b0\u3067\u306f\u3001\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u306e\u5185\u5bb9\u306b\u52a0\u3048\u3001\u653b\u6483\u3067\u78ba\u8a8d\u3055\u308c\u305f\u6d3b\u52d5\u3001\u653b\u6483\u306e\u88ab\u5bb3\u6709\u7121\u3092\u78ba\u8a8d\u3059\u308b\u305f\u3081\u306e\u8abf\u67fb\u65b9\u6cd5\u3084\u30a4\u30f3\u30b8\u30b1\u30fc\u30bf\u60c5\u5831\u304c\u516c\u958b\u3055\u308c\u3066\u3044\u307e\u3059\u3002
\u8abf\u67fb\u3092\u5b9f\u65bd\u3059\u308b\u5834\u5408\u306e\u53c2\u8003\u306b\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n

Microsoft
HAFNIUM targeting Exchange Servers with 0-day exploits
https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/02\/hafnium-targeting-exchange-servers\/<\/a><\/p>\n

** \u66f4\u65b0: 2021\u5e743\u67088\u65e5\u8ffd\u8a18 ********************************************
\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u304c\u6539\u3081\u3066\u30d6\u30ed\u30b0\u3092\u516c\u958b\u3057\u3001\u901f\u3084\u304b\u306a\u5bfe\u7b56\u5b9f\u65bd\u306b\u52a0\u3048\u3001\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u653b\u6483\u306e\u88ab\u5bb3\u6709\u7121\u306e\u8abf\u67fb\u3092\u63a8\u5968\u3059\u308b\u3068\u3068\u3082\u306b\u3001\u4fb5\u5165\u306e\u75d5\u8de1\u6709\u7121\u3092\u8abf\u67fb\u3059\u308bPowerShell\u30b9\u30af\u30ea\u30d7\u30c8\u306a\u3069\u3092Github\u3067\u516c\u958b\u3057\u3066\u3044\u307e\u3059\u3002
\u307e\u305f\u3001\u672c\u8106\u5f31\u6027\u3092\u60aa\u7528\u3057\u305f\u653b\u6483\u306b\u3064\u3044\u3066\u306f\u3001Volexity\u3084FireEye\u3001\u7c73CISA\u306a\u3069\u3082\u30a4\u30f3\u30b8\u30b1\u30fc\u30bf\u3084\u8abf\u67fb\u65b9\u6cd5\u306b\u95a2\u3059\u308b\u60c5\u5831\u3092\u516c\u958b\u3057\u3066\u3044\u307e\u3059\u3002
\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u306a\u3069\u304c\u63d0\u4f9b\u3059\u308b\u60c5\u5831\u3092\u53c2\u8003\u306b\u3001\u901f\u3084\u304b\u306a\u5bfe\u7b56\u5b9f\u65bd\u3084\u8abf\u67fb\u3092\u5b9f\u65bd\u3059\u308b\u3053\u3068\u3092\u63a8\u5968\u3057\u307e\u3059\u3002<\/p>\n

\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u682a\u5f0f\u4f1a\u793e
Exchange Server \u306e\u8106\u5f31\u6027\u306e\u7de9\u548c\u7b56
https:\/\/msrc-blog.microsoft.com\/2021\/03\/07\/20210306_exchangeoob_mitigations\/<\/a><\/p>\n

Microsoft
microsoft \/ CSS-Exchange
https:\/\/github.com\/microsoft\/CSS-Exchange\/tree\/main\/Security<\/a><\/p>\n

CISA
Alert (AA21-062A) Mitigate Microsoft Exchange Server Vulnerabilities
https:\/\/us-cert.cisa.gov\/ncas\/alerts\/aa21-062a<\/a><\/p>\n

Volexity
Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities
https:\/\/www.volexity.com\/blog\/2021\/03\/02\/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities\/<\/a><\/p>\n

FireEye
Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities
https:\/\/www.fireeye.com\/blog\/threat-research\/2021\/03\/detection-response-to-exploitation-of-microsoft-exchange-zero-day-vulnerabilities.html<\/a>
***********************************************************************<\/p>\n


V. \u53c2\u8003\u60c5\u5831
Microsoft
New nation-state cyberattacks
https:\/\/blogs.microsoft.com\/on-the-issues\/2021\/03\/02\/new-nation-state-cyberattacks\/<\/a><\/p>\n

Microsoft
CVE-2021-26855 | Microsoft Exchange Server \u306e\u30ea\u30e2\u30fc\u30c8\u3067\u30b3\u30fc\u30c9\u304c\u5b9f\u884c\u3055\u308c\u308b\u8106\u5f31\u6027
https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26855<\/a><\/p>\n

Microsoft
CVE-2021-26857 | Microsoft Exchange Server \u306e\u30ea\u30e2\u30fc\u30c8\u3067\u30b3\u30fc\u30c9\u304c\u5b9f\u884c\u3055\u308c\u308b\u8106\u5f31\u6027
https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26857<\/a><\/p>\n

Microsoft
CVE-2021-26858 | Microsoft Exchange Server \u306e\u30ea\u30e2\u30fc\u30c8\u3067\u30b3\u30fc\u30c9\u304c\u5b9f\u884c\u3055\u308c\u308b\u8106\u5f31\u6027
https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26858<\/a><\/p>\n

Microsoft
CVE-2021-27065 | Microsoft Exchange Server \u306e\u30ea\u30e2\u30fc\u30c8\u3067\u30b3\u30fc\u30c9\u304c\u5b9f\u884c\u3055\u308c\u308b\u8106\u5f31\u6027
https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-27065<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

I. \u6982\u89812021\u5e743\u67082\u65e5\uff08\u7c73\u56fd\u6642\u9593\uff09\u3001\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u304b\u3089Microsoft Exchange Server\u306e\u8907\u6570\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u60c5\u5831\u304c\u516c\u958b\u3055\u308c\u307e\u3057\u305f\u3002\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u305f\u5834\u5408\u3001\u9060\u9694\u306e\u7b2c\u4e09\u8005\u304cSYSTEM\u6a29\u9650\u3067\u4efb\u610f\u306e\u30b3\u30fc […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[45],"_links":{"self":[{"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/posts\/9805"}],"collection":[{"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/comments?post=9805"}],"version-history":[{"count":4,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/posts\/9805\/revisions"}],"predecessor-version":[{"id":14991,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/posts\/9805\/revisions\/14991"}],"wp:attachment":[{"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/media?parent=9805"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/categories?post=9805"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.csirt.dendai.ac.jp\/csirt\/wp-json\/wp\/v2\/tags?post=9805"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}