We have good news and bad news about a zero-day exploit in Microsoft Exchange servers.

Good news!

Microsoft may not have released a proper patch yet for two new zero-day vulnerabilities that have been exploited in “limited and targeted attacks” against Microsoft Exchange users, but it has published mitigations to help protect your organization.

Bad news!

Security researchers believe that Microsoft’s mitigations can be bypassed.

Here is a video in which researcher Will Dormann demonstrates how the mitigations for the CVE-2022-41040 and CVE-2022-41082 vulnerabilities can be circumvented.

However, the added good news is that it is impossible for an unauthenticated user to remotely exploit the security hole. This means that a hacker trying to attack your on-premises Exchange servers must already have compromised one of your accounts, or a user’s computer that connects to Exchange must have become infected with malware that exploits this flaw.

Additionally, previous reports suggest that the attack relied on triggering PowerShell commands, so blocking TCP ports 5985 and 5986 on the Exchange server would limit the attack’s potential.
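
One way to apply and verify the port block described above using the Exchange server's own Windows Firewall. This is an added example, not code from the original article or from Microsoft's guidance; the rule name is a hypothetical label, and blocking these ports also cuts off legitimate WinRM remote management of the server.

```powershell
#Requires -RunAsAdministrator
# Added example: block inbound remote PowerShell (WinRM) ports on the Exchange server.
# Run in an elevated PowerShell session on the server itself.

$ports    = 5985, 5986                       # WinRM over HTTP / HTTPS, the ports named in the article
$ruleName = 'Block inbound WinRM 5985-5986'  # hypothetical rule name, choose your own

# 1. Record what is listening on those ports before the change.
$listeners = Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
    Where-Object { $_.LocalPort -in $ports }
foreach ($l in $listeners) {
    Write-Output ("Listening: {0}:{1} (PID {2})" -f $l.LocalAddress, $l.LocalPort, $l.OwningProcess)
}

# 2. Create the block rule only if it is not already present, so the script is safe to re-run.
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName `
        -Direction Inbound -Protocol TCP -LocalPort $ports `
        -Action Block -Profile Any | Out-Null
}

# 3. Verify. A rule that is disabled, or a firewall profile that is switched off,
#    means the rule exists on paper but filters nothing.
$rule        = Get-NetFirewallRule -DisplayName $ruleName
$profilesOff = Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' }

if ($rule.Enabled -ne 'True') {
    Write-Warning "Rule '$ruleName' exists but is disabled."
}
foreach ($p in $profilesOff) {
    Write-Warning ("Firewall profile '{0}' is off; the block rule is not enforced there." -f $p.Name)
}
if ($rule.Enabled -eq 'True' -and -not $profilesOff) {
    Write-Output ("Inbound TCP {0} is blocked on all firewall profiles." -f ($ports -join ', '))
}
```

To confirm the result from the network side, run `Test-NetConnection -ComputerName <exchange-server> -Port 5985` (and again for 5986) from another host, where `<exchange-server>` is a placeholder for your server's name; `TcpTestSucceeded` should be `False`.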

Good news and bad news aside, it would be great if Microsoft could release a working security patch ASAP.

Graham Cluley is a veteran of the antivirus industry and has worked for many security companies since the early 1990s, when he created the first version of Dr. Solomon’s Antivirus Toolkit for Windows. Now an independent security analyst, he makes regular media appearances and speaks internationally on the topics of computer security, hackers and online privacy. Follow him on Twitter at @gcluley, or drop him an email.
