Update - Pulsant are working with the circuit provider to mitigate any further occurrence and have escalated to their vendor. Services continue to remain stable.
Nov 23, 2022 - 14:23 GMT
Update - We are continuing to work on a fix for this issue.
Nov 23, 2022 - 14:18 GMT
Identified - Pulsant is continuing to investigate root cause with our supplier. Services continue to remain stable.
Nov 23, 2022 - 11:21 GMT
Investigating - Pulsant are investigating a brief Network interruption at approx 08:15 on 23rd November 2022. Whilst service has restored, further investigation to root cause is ongoing.
Nov 23, 2022 - 08:52 GMT
Investigating - Pulsant are aware of the Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516.

For the up-to-date information, please visit -
https://support.citrix.com/article/CTX463706/citrix-gateway-and-citrix-adc-security-bulletin-for-cve202227510-cve202227513-and-cve202227516

Nov 10, 2022 - 19:46 GMT
Update - Microsoft has released their November 2022 security update for Exchange Server, which includes fixes for this zero-day vulnerability. (CVE-2022-41040 and CVE-2022-41082)



Pulsant urge our clients to review the information on the Microsoft download page, and install this critical fix for all of your Microsoft Exchange Servers. https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-november-8-2022-kb5019758-2b3b039b-68b9-4f35-9064-6b286f495b1d



For Pulsant Managed clients, we will be in contact shortly to schedule the update.

Nov 10, 2022 - 11:22 GMT
Update - We are continuing to work on a fix for this issue.
Oct 05, 2022 - 09:54 BST
Update - Overnight, Microsoft have updated their recommendations and stated that the revised regex should be applied.


Follow this link for official MS guidance:
https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/

Sep 30, 2022 - 12:31 BST
Update - Microsoft have now publicly acknowledged the zero-day, and are supplementing the URL rewrite remediation step with a second recommendation.

Authenticated attackers who can access PowerShell Remoting on vulnerable Exchange systems will be able to trigger remote code injection using CVE-2022-41082. Blocking the ports used for Remote PowerShell can limit these attacks.

HTTP: 5985
HTTPS: 5986

Pulsant recommend adding this to any remediation action. The PowerShell port blocking should only need to be done for inbound requests going to the Exchange server infrastructure.

Sep 30, 2022 - 12:25 BST
Update - We are continuing to monitor the situation
Sep 30, 2022 - 12:23 BST
Identified - Pulsant Cyber Security have become aware of a zero-day vulnerability affecting MS Exchange Servers (On Premise). As a zero-day vulnerability, there is no available vendor patch at this time.

**UPDATE 31/10/2022 WORK AROUND NO LONGER VALID** As a temporary workaround (until patches are released), clients may wish to add an IIS (internet information services) server rule to temporarily block exploitation attempts via the URL rewrite rule module.

1. In Autodiscover at FrontEnd, select tab URL Rewrite, and then Request Blocking.
2. Add string “.*autodiscover\.json.*\@.*Powershell.*“ to the URL Path.
3. Condition input: Choose {REQUEST_URI}

Once patches are released from Microsoft, it is recommended that a patch is applied without delay.

Pulsant Cyber Security will continue to closely monitor this situation and provide updates.

Useful Links: https://www.automox.com/blog/zero-day-microsoft-exchange

Sep 30, 2022 - 12:22 BST

About This Site

We are the UK’s leading colocation and cloud infrastructure provider.

We provide colocation and cloud infrastructure services from our 10 regional data centres, including integration and management of public cloud, with a core focus on availability, security and connectivity.

Business Continuity Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Edinburgh Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Newcastle Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Asigra) Reading Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Veeam) Edinburgh Operational
90 days ago
100.0 % uptime
Today
Cloud Backup (Veeam) Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Disaster Recovery Operational
90 days ago
100.0 % uptime
Today
Data Centre Services Operational
90 days ago
99.99 % uptime
Today
Edinburgh Medway Operational
90 days ago
100.0 % uptime
Today
Edinburgh Newbridge Operational
90 days ago
100.0 % uptime
Today
Edinburgh South Gyle Operational
90 days ago
100.0 % uptime
Today
Glasgow Operational
90 days ago
100.0 % uptime
Today
Maidenhead Operational
90 days ago
100.0 % uptime
Today
Manchester Operational
90 days ago
99.95 % uptime
Today
Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Newcastle Central Operational
90 days ago
100.0 % uptime
Today
Newcastle East Operational
90 days ago
100.0 % uptime
Today
Reading Operational
90 days ago
100.0 % uptime
Today
Sheffield Operational
90 days ago
100.0 % uptime
Today
South London Operational
90 days ago
100.0 % uptime
Today
Managed Cloud Operational
90 days ago
99.99 % uptime
Today
Azure Operational
90 days ago
100.0 % uptime
Today
AWS Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Edinburgh Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Newcastle Central Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Newcastle East Operational
90 days ago
100.0 % uptime
Today
Cloud Storage Reading Operational
90 days ago
100.0 % uptime
Today
Managed Office 365 Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Edinburgh Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Milton Keynes Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Newcastle Central Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Newcastle East Operational
90 days ago
100.0 % uptime
Today
Pulsant Enterprise Cloud (PEC) Reading Operational
90 days ago
100.0 % uptime
Today
Cloud Desktop Milton Keynes Operational
90 days ago
99.95 % uptime
Today
Cloud Desktop Edinburgh Operational
90 days ago
100.0 % uptime
Today
Email Security Services Operational
90 days ago
100.0 % uptime
Today
Managed Networks Operational
90 days ago
99.96 % uptime
Today
Cloud Connect Operational
90 days ago
100.0 % uptime
Today
Maidenhead Operational
90 days ago
100.0 % uptime
Today
Medway Operational
90 days ago
100.0 % uptime
Today
Milton Keynes Operational
90 days ago
99.85 % uptime
Today
Newcastle Operational
90 days ago
100.0 % uptime
Today
Newbridge Operational
90 days ago
100.0 % uptime
Today
Reading Operational
90 days ago
100.0 % uptime
Today
South Gyle Operational
90 days ago
100.0 % uptime
Today
South London Operational
90 days ago
100.0 % uptime
Today
South Yorkshire Operational
90 days ago
100.0 % uptime
Today
Leased Lines Operational
90 days ago
99.91 % uptime
Today
xDSL Services Operational
90 days ago
100.0 % uptime
Today
IP Transit Operational
90 days ago
100.0 % uptime
Today
Data Centre Failover Operational
90 days ago
100.0 % uptime
Today
Content Delivery Network (CDN) Operational
90 days ago
100.0 % uptime
Today
Cloud Fabric Operational
90 days ago
100.0 % uptime
Today
Data Centre Connect Operational
90 days ago
100.0 % uptime
Today
Metro Connect Operational
90 days ago
100.0 % uptime
Today
Optical Connect Operational
90 days ago
99.48 % uptime
Today
Managed Security Operational
90 days ago
100.0 % uptime
Today
Cloud Protect Operational
90 days ago
100.0 % uptime
Today
DDoS Protect Operational
90 days ago
100.0 % uptime
Today
Threat Intelligence Alert Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Major outage
Partial outage
No downtime recorded on this day.
No data exists for this day.
had a major outage.
had a partial outage.