As part of Patch Tuesday, Microsoft and Adobe each released over 70 fixes for security flaws in their products. One of the Microsoft patches addresses a privilege escalation vulnerability affecting Microsoft’s Exchange server, which is likely to be under active exploitation.
According to Dustin Childs of Trend Micro, the flaw “allows a regular user to escalate privileges to any other user on an Exchange server,” which can enable them to “take over an account to send mail as a part of a phishing campaign, or […] take over the server”. Last year, a record number of over 16,500 vulnerabilities were published and security experts believe this year might see even more flaws being discovered.
Read more: Microsoft, Adobe Both Close More Than 70 Security Issues