
Security Alert: NEW Microsoft Exchange zero-day vulnerabilities

It appears that two new Microsoft Exchange zero-day vulnerabilities are being exploited in the wild.


While the exploitation is not yet confirmed, attacks have been launched against fully patched Exchange servers, affecting companies and organisations. If you run Microsoft Exchange on-premises and have Outlook Web App (OWA) facing the internet, you are likely impacted. We will keep monitoring the situation and update you with more information.

As a workaround, we advise IT departments to stop exposing Outlook Web App (OWA) directly to the internet and to offer it securely via a VPN tunnel until Microsoft releases a patch remediating the issue.

UPDATE #1 (30/9/22)

Microsoft has confirmed the vulnerabilities by providing the below customer guidance in a report published on their Security Response Center:

UPDATE #2 (1/10/22)

The Microsoft Security Threat Intelligence blog has been updated concerning the CVE-2022-41040 and CVE-2022-41082 zero-day vulnerabilities. In this new post, the vendor provides a number of mitigation steps for Microsoft Exchange Server customers using M365 Defender:

UPDATE #3 (8/10/22)

The vendor has updated the Customer Guidance for the Reported Zero-day Vulnerabilities in Microsoft Exchange Server: