National Security Agency and Microsoft have recently published a bulletin regarding Exchange vulnerabilities: CVE-2021-28480 and CVE-2021-28481. The exploits allow for remote code execution have already been used by various criminal groups to gain unauthorized access to US computer networks.
Oliphant does not use the affected Exchange product
We urge all our technology partners to employ measures against email oriented attacks, as we predict it might take a few months for the industry to adopt required patches. Please note, that your email communication with Oliphant will be subject to additional checks and might require additional confirmation before delivery.
If you suspect that your emails are affected, please reach out to us to conduct a deliverability test.
A complete statement from Microsoft Security Response Center is available at https://msrc-blog.microsoft.com/2021/04/13/april-2021-update-tuesday-packages-now-available/
Tom Pawelek / Chief Technology Officer