Microsoft Exchange Server Elevation of Privilege Vulnerability
Leaked credentials can then be relayed against the Exchange server to gain privileges as the victim client and to perform operations on the Exchange server on the victim’s behalf.
Unpatched or Unsupported Microsoft Exchange Servers Can Expect an SMTP 450 Error
On Monday, March 24th, 2023, Microsoft announced that it is enabling a transport-based enforcement system in Exchange Online serving three functions: reporting, throttling, and blocking.