Cybercriminals have exploited two 0-day Exchange Server vulnerabilities in real-life attacks as a result of unpatched Exchange Server zero-day vulnerabilities that have not been patched, as confirmed by Microsoft.
Back in August 2022, the Vietnamese security company GTSC was the first one to discover that Microsoft Exchange had vulnerabilities.
Starting in early August 2022, these two zero-day vulnerabilities had been exploited by the attackers to attack their customers’ environments.
The two vulnerabilities identified are as follows:-
Based on recent reports, Microsoft is aware of a limited number of targeted attacks used to breach users’ systems by exploiting these vulnerabilities.
In order to exploit either of the two vulnerabilities successfully, an attacker would need to have access to an Exchange Server that is vulnerable.
Microsoft Exchange Server 2013, 2016, and 2019 are all affected by these vulnerabilities which have an impact on on-premises deployments.
By exploiting these vulnerabilities successfully, hackers are able to accomplish the following things:-
While apart from this, Microsoft has claimed that they are steadily working to release a fix as soon as possible. However, there are protections built into Microsoft Exchange Online that enable customers to be protected from risks like these.
To ensure the safety of its customers, Microsoft will respond accordingly, since Microsoft is constantly observing all these detections for any malicious activity.
The current mitigation method for Exchange Server concerns the addition of a blocking rule which does the following:-
IIS Manager -> Default Web Site -> URL Rewrite -> Actions
As a result, known attack patterns are blocked in order to prevent attacks from occurring.
There is as yet no information on the technical details about the security holes that were exploited before the release of the fixes, as the company declined to comment on it.
Cyber Attack with Zero Trust Networking – Download Free E-Book
By fusing agentic AI and contextual threat intelligence, SecAI transforms investigation from a bottleneck into…
According to IBM Security annual research, "Cost of a Data Breach Report 2024", an average…
A critical security flaw in NVIDIA's Riva framework, an AI-powered speech and translation service, has…
CISA officially added a significant security flaw affecting Broadcom’s Brocade Fabric OS to its authoritative…
A critical vulnerability in Apple’s AirPlay protocol, dubbed AirBorne, has exposed over 2.35 billion active…
A critical vulnerability in Google Chrome has recently been discovered that allows malicious actors to…