question

Wagamama-0678 avatar image
0 Votes"
Wagamama-0678 asked KyleXu-MSFT commented

Are Exchange Tool Machines Vulnerable to Hafnium Exploit?

We have some Exchange Tools machines that have an CU on them. Unfortunately we cannot install a newer CU on them due to some software dependencies.

Are these machines vulnerable to the Hafnium exploits? There are no Exchange Services running on them at all and there is nothing listening on port 443 and the only website on port 80 is the default website which was created by the tools installation.

I understand there may be vulnerable files on there, I get it. But with the absence of Exchange Services running on these machines, do we have any concerns with the Hafnium Exploit where these machines are involved?

Thanks!

office-exchange-server-administration
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

2 Answers

AndyDavid avatar image
1 Vote"
AndyDavid answered

No, if its JUST the Exchange tools, then you dont need to patch as there are none of the exploited virtual dirs are installed and the tools essentially use remoting to connect to the actual Exchange Servers. If anything you probably do not need to have the tools installed there at all really, but nonetheless, Exchange isnt "running" there.


I'd still ensure there is anti-malware on them and ensure its not exposed to the internet of course :)

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

KyleXu-MSFT avatar image
0 Votes"
KyleXu-MSFT answered KyleXu-MSFT commented

@Wagamama-0678

Exchange Tool is a remote control tool which doesn't hosted services, so it doesn't effected by Hafnium.

I also test in my lab, we could use different CU for Exchange server and Exchange management tool:(The management tool is CU 18, the Exchange server is CU 20)
79040-1-3.png

There doesn't exist issue with them. So, you can update Exchange server to the lasted CU without updating the Exchange tool machines.

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


1-3.png (62.8 KiB)
· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AndyDavid avatar image AndyDavid ·

thats not always true though. Sometimes if there is a mismatch of CUs ,the tools wont work.

0 Votes 0 ·
KyleXu-MSFT avatar image KyleXu-MSFT ·

@Wagamama-0678
I am writing here to confirm with you any update about this thread now?
If the above suggestion helps, please be free to mark it as an answer for helping more people.

0 Votes 0 ·