Skip to content

Recent Posts

  • Reset passwords for Active Directory Users
  • Finding Exchange Database hidden mailboxes. ​
  • Setting up ADConnect and PTA (Password auth through) servers agents behind proxy
  • Get Report of Active Directory Locked Accounts and Machine they logged in from
  • Checking and Providing Full and SendAs delegate access on O365 Exchange Online

Most Used Categories

  • Microsoft (82)
    • Microsoft Exchange (39)
      • Exchange 2016 (14)
      • Exchange 2019 (14)
    • Active Directory (25)
  • Office 365 (34)
    • Exchange Online (15)
  • Security (15)
  • Microsoft Azure (15)
  • Powershell (19)
Skip to content

Welcome to Mohammed Hamada's Site

The Troubleshooting Guy

Subscribe
  • Consultation
  • Microsoft
    • DFS
    • KMS
    • Office 365
      • Microsoft ADFS
      • Exchange Online
      • Microsoft Teams
      • Skype for Business
    • Microsoft Azure
      • Microsoft Azure Active Directory Sync
      • Licensing
      • ATP
      • WVD
    • ADMT
  • Virtualization
  • VoIP
    • Lync
    • Asterisk
  • PowerShell Corner
  • Security
    • Auditing
    • Pfsense
  • Contact me
  • Certification and Awards
  • Home
  • Security
  • Microsoft Exchange 2010 SP3 Link HACKED

Microsoft Exchange 2010 SP3 Link HACKED

moh10lyApril 30, 2020May 1, 2020

Update: Microsoft replied to me and fixed the link. see screenshot below

WATCH Microsoft Exchange URL Hacked

If you have Exchange 2010 SP3 and planning to download the latest Rollup , Google will take you to the following link

https://www.microsoft.com/en-us/download/details.aspx?id=100910

Once you click on that link to download the RollUp update, You might want to check the system requirements links and that would list two main links

  • Exchange 2010 System Requirements
  • Exchange 2010 Prerequisites

image

The Exchange 2010 Prerequisites link will first redirect you to this URL which has an expired certificate.

http://www.microsoftpinpoint.com/

And that will then redirect you to this link (Seems to be a Chinese website)

http://123.wo80.com/

Luckily the antivirus managed to catch and block this page however, on any server that’s not running any antivirus this would certainly infect the server.

Phishing Alert!

image

image

Video here

Contacting Microsoft

After I got in contact with Microsoft about the issue. Microsoft replied stating they have informed their security team and fixed the issue.

Exchange 2010, Phishing, Security

Post navigation

Previous: Azure RDWEB page is blank when accessing it with authorized users
Next: Onboarding Linux Client (DEEPIN) to Microsoft Azure Threat protection ATP using ubuntu repository

Related Posts

Finding Exchange Database hidden mailboxes. ​

December 24, 2022December 27, 2022 moh10ly

Setting up ADConnect and PTA (Password auth through) servers agents behind proxy

December 24, 2022December 24, 2022 moh10ly

Get Report of Active Directory Locked Accounts and Machine they logged in from

November 21, 2022November 21, 2022 moh10ly

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search for something

Recent Posts

  • Reset passwords for Active Directory Users
  • Finding Exchange Database hidden mailboxes. ​
  • Setting up ADConnect and PTA (Password auth through) servers agents behind proxy
  • Get Report of Active Directory Locked Accounts and Machine they logged in from
  • Checking and Providing Full and SendAs delegate access on O365 Exchange Online
  • Retrieving attachments from Exchange mailbox using python
  • 550 relay not permitted distribution group contact
  • Script to delete all DPM 2019 recovery points

Recent Comments

  • B on SoftEther – Fixing connecting to localhost 5555
  • Denise Diaz on Reset passwords for Active Directory Users
  • Les Gray on Replication after tombstone life expired
  • jimmyj on Search and Delete certain Items/Folders from a Mailbox
  • moh10ly on How to Sync Cloud User to On-premises AD ?

Archives

  • December 2022
  • November 2022
  • January 2022
  • December 2021
  • May 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019

Archives

  • December 2022
  • November 2022
  • January 2022
  • December 2021
  • May 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019

Categories

  • Active Directory
  • ADFS
  • ADMT
  • Asterisk
  • ATP
  • Auditing
  • AZURE
  • Cloud
  • Communication
  • CRM Dynamics
  • CrossForest Migration
  • DFS
  • DNS
  • DPM
  • Exchange 2010
  • Exchange 2013
  • Exchange 2016
  • Exchange 2019
  • Exchange Online
  • Google Chat
  • Infrastructure
  • KMS
  • Licensing
  • Linux
  • Lync
  • Mail
  • Microsoft
  • Microsoft AD Group Policy
  • Microsoft ADFS
  • Microsoft Azure
  • Microsoft Azure Active Directory Sync
  • Microsoft Exchange
  • Microsoft Teams
  • Monitoring
  • Networking
  • Office 365
  • Pentest
  • Pfsense
  • PKI
  • Plesk
  • Powershell
  • Python
  • RDS
  • Scripting
  • Security
  • Skype for Business
  • Skype4Business
  • Ubuntu
  • Uncategorized
  • Virtualization
  • VoIP
  • VPN
  • Windows 10
  • Windows Server
  • Windows Server 2019
  • Windows Virtual Desktop
  • WordPress
  • WVD

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org
Copyright All Rights Reserved | Theme: BlockWP by Candid Themes.