www.cybersecuritydive.com
Open in
urlscan Pro
2606:4700::6812:d05
Public Scan
URL:
https://www.cybersecuritydive.com/news/microsoft-zero-day-exchange-server/633073/
Submission: On October 02 via manual — Scanned from IT
Submission: On October 02 via manual — Scanned from IT
Form analysis
6 forms found in the DOMGET /search/
<form action="/search/" method="GET" data-ajax="false">
<label for="search-desktop">
<span class="screen-reader-text search">Search</span>
</label>
<input id="search-desktop" type="search" name="q" placeholder="Search" data-role="none">
<button type="submit" value="" data-role="none" class="analytics t-search-navigation-drawer">
<img src="/static/img/menu_icons/search.svg?320116291121" alt="search" height="16" width="16" loading="lazy">
</button>
<img class="close" src="/static/img/menu_icons/close.svg?273117231121" width="16" height="16" loading="lazy">
</form>
Name: signup — POST /signup/
<form class="form js-form-email-validate" name="signup" action="/signup/" method="POST">
<label for="id_5ea54f_email" class="email-input js-email-input">
<span class="screen-reader-text">Email:</span>
<input type="email" name="email" placeholder="Work email address" class="email" required="" id="id_5ea54f_email">
</label>
<input type="hidden" name="signup_box_location" value="elevated_footer">
<input type="hidden" name="signup_initial_url_path" value="/news/microsoft-zero-day-exchange-server/633073/">
<input type="hidden" name="js_enabled" value="1" id="id_5ea54f_js_enabled">
<ul class="signup-list list-no-bullets">
<li>
<label><span class="screen-reader-text">Select user consent:</span></label>
<input type="checkbox" name="user_consent" id="id_user_consent-elevated_footer" value="1" class="checkbox">
<label for="id_user_consent-elevated_footer">
<span class="signup-user-consent_box">
<span> By signing up to receive our newsletter, you agree to our <a href="https://www.industrydive.com/terms-of-use/" target="_blank">Terms of Use</a> and
<a href="https://www.industrydive.com/privacy-policy/" target="_blank">Privacy Policy</a>. You can unsubscribe at anytime. </span>
</span>
</label>
</li>
</ul>
<button class="button button--medium signup-button" type="submit" value="Sign up">Sign up</button>
<label class="error email_error" style="display:none;">A valid email address is required.</label>
<label class="error newsletter-error" style="display:none;">Please select at least one newsletter.</label>
</form>
Name: signup — POST /signup/
<form class="form js-form-email-validate" name="signup" action="/signup/" method="POST">
<label for="id_31e481_email" class="email-input js-email-input">
<span class="screen-reader-text">Email:</span>
<input type="email" name="email" placeholder="Work email address" class="email" required="" id="id_31e481_email">
</label>
<input type="hidden" name="signup_box_location" value="sidebar">
<input type="hidden" name="signup_initial_url_path" value="/news/microsoft-zero-day-exchange-server/633073/">
<input type="hidden" name="js_enabled" value="1" id="id_31e481_js_enabled">
<ul class="signup-list list-no-bullets">
<li>
<label><span class="screen-reader-text">Select user consent:</span></label>
<input type="checkbox" name="user_consent" id="id_user_consent-sidebar" value="1" class="checkbox">
<label for="id_user_consent-sidebar">
<span class="signup-user-consent_box">
<span> By signing up to receive our newsletter, you agree to our <a href="https://www.industrydive.com/terms-of-use/" target="_blank">Terms of Use</a> and
<a href="https://www.industrydive.com/privacy-policy/" target="_blank">Privacy Policy</a>. You can unsubscribe at anytime. </span>
</span>
</label>
</li>
</ul>
<button class="button button--medium signup-button" type="submit" value="Sign up">Sign up</button>
<label class="error email_error" style="display:none;">A valid email address is required.</label>
<label class="error newsletter-error" style="display:none;">Please select at least one newsletter.</label>
</form>
Name: signup — POST /signup/
<form class="form js-form-email-validate" name="signup" action="/signup/" method="POST">
<label for="id_8eea3_email" class="email-input js-email-input">
<span class="screen-reader-text">Email:</span>
<input type="email" name="email" placeholder="Work email address" class="email" required="" id="id_8eea3_email">
</label>
<input type="hidden" name="signup_box_location" value="elevated_footer">
<input type="hidden" name="signup_initial_url_path" value="/news/microsoft-zero-day-exchange-server/633073/">
<input type="hidden" name="js_enabled" value="1" id="id_8eea3_js_enabled">
<ul class="signup-list list-no-bullets">
<li>
<label><span class="screen-reader-text">Select user consent:</span></label>
<input type="checkbox" name="user_consent" id="id_user_consent-elevated_footer" value="1" class="checkbox">
<label for="id_user_consent-elevated_footer">
<span class="signup-user-consent_box">
<span> By signing up to receive our newsletter, you agree to our <a href="https://www.industrydive.com/terms-of-use/" target="_blank">Terms of Use</a> and
<a href="https://www.industrydive.com/privacy-policy/" target="_blank">Privacy Policy</a>. You can unsubscribe at anytime. </span>
</span>
</label>
</li>
</ul>
<button class="button button--medium signup-button" type="submit" value="Sign up">Sign up</button>
<label class="error email_error" style="display:none;">A valid email address is required.</label>
<label class="error newsletter-error" style="display:none;">Please select at least one newsletter.</label>
</form>
GET /search/
<form action="/search/" method="GET" data-ajax="false">
<label for="search-mobile">
<span class="screen-reader-text">Search</span>
<input id="search-mobile" type="search" name="q" placeholder="Search" data-role="none">
</label>
<button type="submit" value="" data-role="none" class="analytics t-search-navigation-mobile">
<img src="/static/img/menu_icons/search.svg?320116291121" width="15" height="15" alt="search">
</button>
</form>
Name: signup — POST /signup/
<form class="form js-form-email-validate" name="signup" action="/signup/" method="POST">
<label for="id_4fb052_email" class="email-input js-email-input">
<span class="screen-reader-text">Email:</span>
<input type="email" name="email" placeholder="Work email address" class="email" required="" id="id_4fb052_email">
</label>
<input type="hidden" name="signup_box_location" value="integrated_menu">
<input type="hidden" name="signup_initial_url_path" value="/news/microsoft-zero-day-exchange-server/633073/">
<input type="hidden" name="js_enabled" value="1" id="id_4fb052_js_enabled">
<ul class="signup-list list-no-bullets">
<li>
<label><span class="screen-reader-text">Select user consent:</span></label>
<input type="checkbox" name="user_consent" id="id_user_consent-integrated_menu" value="1" class="checkbox">
<label for="id_user_consent-integrated_menu">
<span class="signup-user-consent_box">
<span> By signing up to receive our newsletter, you agree to our <a href="https://www.industrydive.com/terms-of-use/" target="_blank">Terms of Use</a> and
<a href="https://www.industrydive.com/privacy-policy/" target="_blank">Privacy Policy</a>. You can unsubscribe at anytime. </span>
</span>
</label>
</li>
</ul>
<button class="button button--medium signup-button" type="submit" value="Sign up">Sign up</button>
<label class="error email_error" style="display:none;">A valid email address is required.</label>
<label class="error newsletter-error" style="display:none;">Please select at least one newsletter.</label>
</form>
Text Content
Skip to main content CONTINUE TO SITE ➞ * Deep Dive * Library * Topics Menu * Search * Sign up Search * Strategy * Breaches * Vulnerability * Cyberattacks * Threats * Leadership & Careers * Policy & Regulation An article from Dive Brief MICROSOFT INVESTIGATING 2 ZERO-DAY VULNERABILITIES IN EXCHANGE SERVER One vulnerability is a server-side request forgery, while the second allows remote-code execution when an attacker has access to PowerShell. Published Sept. 30, 2022 David Jones Reporter * * * * * A picture of the Microsoft campus in Redmond, Washington. Stephen Brashear/Stringer via Getty Images Listen to the article 2 min This audio is auto-generated. Please let us know if you have feedback. DIVE BRIEF: * Microsoft is investigating reports of two zero-day vulnerabilities affecting Microsoft Exchange Server 2013, 2016 and 2019, according to a blog post issued Friday. The vulnerabilities do not affect Microsoft Exchange Online Customers. * The first vulnerability, CVE-2022-41040, is a server-side request forgery vulnerability, Microsoft said. The second, CVE-2022-41082, allows remote-code execution when a threat actor has access to PowerShell. * Microsoft confirmed it was aware of limited targeted incidents with attackers using the two vulnerabilities to compromise systems. During the incidents, an attacker can use CVE-2022-41040 to allow an authenticated attacker to remotely trigger CVE-2022-41082. DIVE INSIGHT: Security researcher Kevin Beaumont on Thursday retweeted a report from GTSC Cyber Security, which originally said it first detected exploitation of a new zero day in August. The GTSC report noted that researchers detected webshells dropped to Exchange servers and said the attacker was using Antsword, a Chinese-based open source website administration tool. Beaumont said significant numbers of Exchange servers had been backdoored — including a honeypot. Researchers noted similarities to ProxyShell, which emerged in 2021, however after additional investigation they said this was a new vulnerability. Researchers from Huntress said they are actively looking for red flags and potential signs of exploitation. Microsoft stressed that authenticated access is necessary to exploit either of the two vulnerabilities. * post * share * tweet * print * email Filed Under: Vulnerability CYBERSECURITY DIVE NEWS DELIVERED TO YOUR INBOX Get the free daily newsletter read by industry experts Email: * Select user consent: By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at anytime. Sign up A valid email address is required. Please select at least one newsletter. EDITORS’ PICKS * Layla Bird via Getty Images SECURITY PROFESSIONALS ARE BURNED OUT. HERE ARE 5 WAYS TO HELP THEM. Addressing the causes of burnout requires a top-down approach that better aligns security teams with the rest of the business. By Brian Eastwood • April 18, 2022 * atiatiati via Getty Images WHAT CYBER INSURANCE COMPANIES WANT FROM CLIENTS Insurers evaluate how a company leverages technology and what internal standards are in place to manage risk. By Sue Poremba • April 28, 2022 GET THE FREE NEWSLETTER Subscribe to Cybersecurity Dive for top news, trends & analysis Email: * Select user consent: By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at anytime. Sign up A valid email address is required. Please select at least one newsletter. MOST POPULAR 1. Vice Society raises ransomware pressure on Los Angeles school district 2. Microsoft investigating 2 zero-day vulnerabilities in Exchange Server 3. American Airlines phishing attack involved unauthorized access to Microsoft 365 4. C-suite, boards are prioritizing cybersecurity, but still expect increased threats COMPANY ANNOUNCEMENTS * Paperclip, Inc. Selects Chad F. Walter as Chief Revenue Officer From Paperclip, Inc. * TSA Trials aXite Security Tools’ OT Cyber Security Solution to Protect Legacy Security Screeni… From aXite Security Tools * Echelon Risk + Cyber Welcomes Kaushik Kiran as Director of vCISO and Cyber Strategy Services From Echelon Risk + Cyber * Paperclip SAFE Disrupts Data Security Industry Using Encryption-In-Use Technology to Prevent D… From Paperclip, Inc. View all | Post a press release CYBERSECURITY DIVE NEWS DELIVERED TO YOUR INBOX Get the free daily newsletter read by industry experts Email: * Select user consent: By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at anytime. Sign up A valid email address is required. Please select at least one newsletter. COMPANY ANNOUNCEMENTS View all | Post a press release Paperclip, Inc. Selects Chad F. Walter as Chief Revenue Officer From Paperclip, Inc. September 26, 2022 TSA Trials aXite Security Tools’ OT Cyber Security Solution to Protect Legacy Security Screeni… From aXite Security Tools September 27, 2022 Echelon Risk + Cyber Welcomes Kaushik Kiran as Director of vCISO and Cyber Strategy Services From Echelon Risk + Cyber September 27, 2022 Paperclip SAFE Disrupts Data Security Industry Using Encryption-In-Use Technology to Prevent D… From Paperclip, Inc. September 26, 2022 Editors’ picks * Layla Bird via Getty Images SECURITY PROFESSIONALS ARE BURNED OUT. HERE ARE 5 WAYS TO HELP THEM. Addressing the causes of burnout requires a top-down approach that better aligns security teams with the rest of the business. By Brian Eastwood • April 18, 2022 * atiatiati via Getty Images WHAT CYBER INSURANCE COMPANIES WANT FROM CLIENTS Insurers evaluate how a company leverages technology and what internal standards are in place to manage risk. By Sue Poremba • April 28, 2022 Latest in Vulnerability * Microsoft investigating 2 zero-day vulnerabilities in Exchange Server By David Jones * Strict security rules could push open source community out of federal work, expert says By David Jones * Organizations rapidly shift tactics to secure the software supply chain By David Jones * White House guidance on third-party software seen as a major test of cyber risk strategy By David Jones -------------------------------------------------------------------------------- * * * * EXPLORE * About * Editorial Team * Contact Us * Newsletter * Article Reprints * Press Releases * What We’re Reading REACH OUR AUDIENCE * Advertising * Post a press release RELATED PUBLICATIONS * CIO Dive -------------------------------------------------------------------------------- © 2022 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy. Cookie Preferences / Do Not Sell Search * Home * Topics * Strategy * Breaches * Vulnerability * Cyberattacks * Threats * Leadership & Careers * Policy & Regulation * Deep Dive * Library GET CYBERSECURITY DIVE IN YOUR INBOX The free newsletter covering the top industry headlines Email: * Select user consent: By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at anytime. Sign up A valid email address is required. Please select at least one newsletter.