@dbeato said in Substantial OnPremise Exchange Vulnerabilities announced yesterday Patch Immediately:

@DustinB3403 Yeah, Exchange 2013 and over. You have to also be on the last 2 Cumulative Updates from Exchange 2013, 2016 or 2019. For 2019 You only can get the updates through Microsoft Volume Licensing.

Yeah, a customer attempted an update from 2016 CU15.1 to CU19, it errored out on the last step, they restored (bad move) and had some mail flow issues for a bit.

But they are back online now

@mlnews YAY! now I can get drunk for less $!!!

The below powershell should pull logs from your Exchange server to see if you've been compromised.

Import-Csv -Path (Get-ChildItem -Recurse -Path "$env:PROGRAMFILES\Microsoft\Exchange Server\V15\Logging\HttpProxy" -Filter '*.log').FullName | Where-Object {  $_.AuthenticatedUser -eq '' -and $_.AnchorMailbox -like 'ServerInfo~*/*' } | select DateTime, AnchorMailbox

AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26857
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26858
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27065

Getting remediation steps documented for client vulnerability issues from a security scan some time ago. Waiting for a call back.

@scottalanmiller said in What Are You Doing Right Now:

Quiet morning around ML! Wow, where is everyone?

Consuming caffeine.

@Dashrender said in What Are You Doing Right Now:

@scottalanmiller said in What Are You Doing Right Now:

I've had all four (AndroidTV, FireTV, AppleTV and Roku.) Moving to AppleTV and Roku as the only two going forward. FireTV was better than AndroidTV, but found it too slow and buggy, too. AppleTV is far from perfect, but I'm leaning towards it because it has some nice additional features now.

Such as?

Apple airplay is a decent feature if you're an Apple user.

@siringo said in What Are You Doing Right Now:

@Dashrender said in What Are You Doing Right Now:

@siringo said in What Are You Doing Right Now:

can anyone suggest an android tv box I can plug into the TV? nothing expensive, just something that works. just for streaming services.

why android TV?

because I don't know what i'm doing?

we got an apple tv but it's not very useful, it makes searching through things too hard.

enlighten me.

Roku works well and start at $35

As some guidance (and I posted this on the FR above) Snipe-IT already has 2FA built in, and is built on Laravel and PHP as well. So taking the code and making it work with Bookstack is likely a relatively small ask for anyone with the programming chops.

@scottalanmiller said in Adding 2FA to BookStack Wiki:

@DustinB3403 said in Adding 2FA to BookStack Wiki:

This has been an open feature request for a while. .

Yeah, that I know. I'm figuring that getting it built in isn't going to be an option, potentially ever. Another reason that we use Zoho instead of Bookstack internally.

Why not take some of the development team you have and task them with getting this created as a PR for the project?