www.cybersecuritydive.com
Open in
urlscan Pro
2606:4700::6812:d05
Public Scan
URL:
https://www.cybersecuritydive.com/news/microsoft-zero-day-exchange-server/633073/
Submission: On October 02 via manual — Scanned from IT
Submission: On October 02 via manual — Scanned from IT
Form analysis 6 forms found in the DOM
GET /search/
<form action="/search/" method="GET" data-ajax="false">
<label for="search-desktop">
<span class="screen-reader-text search">Search</span>
</label>
<input id="search-desktop" type="search" name="q" placeholder="Search" data-role="none">
<button type="submit" value="" data-role="none" class="analytics t-search-navigation-drawer">
<img src="/static/img/menu_icons/search.svg?320116291121" alt="search" height="16" width="16" loading="lazy">
</button>
<img class="close" src="/static/img/menu_icons/close.svg?273117231121" width="16" height="16" loading="lazy">
</form>Name: signup — POST /signup/
<form class="form js-form-email-validate" name="signup" action="/signup/" method="POST">
<label for="id_5ea54f_email" class="email-input js-email-input">
<span class="screen-reader-text">Email:</span>
<input type="email" name="email" placeholder="Work email address" class="email" required="" id="id_5ea54f_email">
</label>
<input type="hidden" name="signup_box_location" value="elevated_footer">
<input type="hidden" name="signup_initial_url_path" value="/news/microsoft-zero-day-exchange-server/633073/">
<input type="hidden" name="js_enabled" value="1" id="id_5ea54f_js_enabled">
<ul class="signup-list list-no-bullets">
<li>
<label><span class="screen-reader-text">Select user consent:</span></label>
<input type="checkbox" name="user_consent" id="id_user_consent-elevated_footer" value="1" class="checkbox">
<label for="id_user_consent-elevated_footer">
<span class="signup-user-consent_box">
<span> By signing up to receive our newsletter, you agree to our <a href="https://www.industrydive.com/terms-of-use/" target="_blank">Terms of Use</a> and
<a href="https://www.industrydive.com/privacy-policy/" target="_blank">Privacy Policy</a>. You can unsubscribe at anytime. </span>
</span>
</label>
</li>
</ul>
<button class="button button--medium signup-button" type="submit" value="Sign up">Sign up</button>
<label class="error email_error" style="display:none;">A valid email address is required.</label>
<label class="error newsletter-error" style="display:none;">Please select at least one newsletter.</label>
</form>Name: signup — POST /signup/
<form class="form js-form-email-validate" name="signup" action="/signup/" method="POST">
<label for="id_31e481_email" class="email-input js-email-input">
<span class="screen-reader-text">Email:</span>
<input type="email" name="email" placeholder="Work email address" class="email" required="" id="id_31e481_email">
</label>
<input type="hidden" name="signup_box_location" value="sidebar">
<input type="hidden" name="signup_initial_url_path" value="/news/microsoft-zero-day-exchange-server/633073/">
<input type="hidden" name="js_enabled" value="1" id="id_31e481_js_enabled">
<ul class="signup-list list-no-bullets">
<li>
<label><span class="screen-reader-text">Select user consent:</span></label>
<input type="checkbox" name="user_consent" id="id_user_consent-sidebar" value="1" class="checkbox">
<label for="id_user_consent-sidebar">
<span class="signup-user-consent_box">
<span> By signing up to receive our newsletter, you agree to our <a href="https://www.industrydive.com/terms-of-use/" target="_blank">Terms of Use</a> and
<a href="https://www.industrydive.com/privacy-policy/" target="_blank">Privacy Policy</a>. You can unsubscribe at anytime. </span>
</span>
</label>
</li>
</ul>
<button class="button button--medium signup-button" type="submit" value="Sign up">Sign up</button>
<label class="error email_error" style="display:none;">A valid email address is required.</label>
<label class="error newsletter-error" style="display:none;">Please select at least one newsletter.</label>
</form>Name: signup — POST /signup/
<form class="form js-form-email-validate" name="signup" action="/signup/" method="POST">
<label for="id_8eea3_email" class="email-input js-email-input">
<span class="screen-reader-text">Email:</span>
<input type="email" name="email" placeholder="Work email address" class="email" required="" id="id_8eea3_email">
</label>
<input type="hidden" name="signup_box_location" value="elevated_footer">
<input type="hidden" name="signup_initial_url_path" value="/news/microsoft-zero-day-exchange-server/633073/">
<input type="hidden" name="js_enabled" value="1" id="id_8eea3_js_enabled">
<ul class="signup-list list-no-bullets">
<li>
<label><span class="screen-reader-text">Select user consent:</span></label>
<input type="checkbox" name="user_consent" id="id_user_consent-elevated_footer" value="1" class="checkbox">
<label for="id_user_consent-elevated_footer">
<span class="signup-user-consent_box">
<span> By signing up to receive our newsletter, you agree to our <a href="https://www.industrydive.com/terms-of-use/" target="_blank">Terms of Use</a> and
<a href="https://www.industrydive.com/privacy-policy/" target="_blank">Privacy Policy</a>. You can unsubscribe at anytime. </span>
</span>
</label>
</li>
</ul>
<button class="button button--medium signup-button" type="submit" value="Sign up">Sign up</button>
<label class="error email_error" style="display:none;">A valid email address is required.</label>
<label class="error newsletter-error" style="display:none;">Please select at least one newsletter.</label>
</form>GET /search/
<form action="/search/" method="GET" data-ajax="false">
<label for="search-mobile">
<span class="screen-reader-text">Search</span>
<input id="search-mobile" type="search" name="q" placeholder="Search" data-role="none">
</label>
<button type="submit" value="" data-role="none" class="analytics t-search-navigation-mobile">
<img src="/static/img/menu_icons/search.svg?320116291121" width="15" height="15" alt="search">
</button>
</form>Name: signup — POST /signup/
<form class="form js-form-email-validate" name="signup" action="/signup/" method="POST">
<label for="id_4fb052_email" class="email-input js-email-input">
<span class="screen-reader-text">Email:</span>
<input type="email" name="email" placeholder="Work email address" class="email" required="" id="id_4fb052_email">
</label>
<input type="hidden" name="signup_box_location" value="integrated_menu">
<input type="hidden" name="signup_initial_url_path" value="/news/microsoft-zero-day-exchange-server/633073/">
<input type="hidden" name="js_enabled" value="1" id="id_4fb052_js_enabled">
<ul class="signup-list list-no-bullets">
<li>
<label><span class="screen-reader-text">Select user consent:</span></label>
<input type="checkbox" name="user_consent" id="id_user_consent-integrated_menu" value="1" class="checkbox">
<label for="id_user_consent-integrated_menu">
<span class="signup-user-consent_box">
<span> By signing up to receive our newsletter, you agree to our <a href="https://www.industrydive.com/terms-of-use/" target="_blank">Terms of Use</a> and
<a href="https://www.industrydive.com/privacy-policy/" target="_blank">Privacy Policy</a>. You can unsubscribe at anytime. </span>
</span>
</label>
</li>
</ul>
<button class="button button--medium signup-button" type="submit" value="Sign up">Sign up</button>
<label class="error email_error" style="display:none;">A valid email address is required.</label>
<label class="error newsletter-error" style="display:none;">Please select at least one newsletter.</label>
</form>Text Content
Skip to main content
CONTINUE TO SITE ➞
* Deep Dive
* Library
* Topics
Menu
* Search
* Sign up
Search
* Strategy
* Breaches
* Vulnerability
* Cyberattacks
* Threats
* Leadership & Careers
* Policy & Regulation
An article from
Dive Brief
MICROSOFT INVESTIGATING 2 ZERO-DAY VULNERABILITIES IN EXCHANGE SERVER
One vulnerability is a server-side request forgery, while the second allows
remote-code execution when an attacker has access to PowerShell.
Published Sept. 30, 2022
David Jones Reporter
*
*
*
*
*
A picture of the Microsoft campus in Redmond, Washington. Stephen
Brashear/Stringer via Getty Images
Listen to the article 2 min
This audio is auto-generated. Please let us know if you have feedback.
DIVE BRIEF:
* Microsoft is investigating reports of two zero-day vulnerabilities affecting
Microsoft Exchange Server 2013, 2016 and 2019, according to a blog post
issued Friday. The vulnerabilities do not affect Microsoft Exchange Online
Customers.
* The first vulnerability, CVE-2022-41040, is a server-side request forgery
vulnerability, Microsoft said. The second, CVE-2022-41082, allows remote-code
execution when a threat actor has access to PowerShell.
* Microsoft confirmed it was aware of limited targeted incidents with attackers
using the two vulnerabilities to compromise systems. During the incidents, an
attacker can use CVE-2022-41040 to allow an authenticated attacker to
remotely trigger CVE-2022-41082.
DIVE INSIGHT:
Security researcher Kevin Beaumont on Thursday retweeted a report from GTSC
Cyber Security, which originally said it first detected exploitation of a new
zero day in August.
The GTSC report noted that researchers detected webshells dropped to Exchange
servers and said the attacker was using Antsword, a Chinese-based open source
website administration tool.
Beaumont said significant numbers of Exchange servers had been backdoored —
including a honeypot.
Researchers noted similarities to ProxyShell, which emerged in 2021, however
after additional investigation they said this was a new vulnerability.
Researchers from Huntress said they are actively looking for red flags and
potential signs of exploitation.
Microsoft stressed that authenticated access is necessary to exploit either of
the two vulnerabilities.
* post
* share
* tweet
* print
* email
Filed Under: Vulnerability
CYBERSECURITY DIVE NEWS DELIVERED TO YOUR INBOX
Get the free daily newsletter read by industry experts
Email:
* Select user consent: By signing up to receive our newsletter, you agree to
our Terms of Use and Privacy Policy. You can unsubscribe at anytime.
Sign up A valid email address is required. Please select at least one
newsletter.
EDITORS’ PICKS
* Layla Bird via Getty Images
SECURITY PROFESSIONALS ARE BURNED OUT. HERE ARE 5 WAYS TO HELP THEM.
Addressing the causes of burnout requires a top-down approach that better
aligns security teams with the rest of the business.
By Brian Eastwood • April 18, 2022
* atiatiati via Getty Images
WHAT CYBER INSURANCE COMPANIES WANT FROM CLIENTS
Insurers evaluate how a company leverages technology and what internal
standards are in place to manage risk.
By Sue Poremba • April 28, 2022
GET THE FREE NEWSLETTER
Subscribe to Cybersecurity Dive for top news, trends & analysis
Email:
* Select user consent: By signing up to receive our newsletter, you agree to
our Terms of Use and Privacy Policy. You can unsubscribe at anytime.
Sign up A valid email address is required. Please select at least one
newsletter.
MOST POPULAR
1. Vice Society raises ransomware pressure on Los Angeles school district
2. Microsoft investigating 2 zero-day vulnerabilities in Exchange Server
3. American Airlines phishing attack involved unauthorized access to Microsoft
365
4. C-suite, boards are prioritizing cybersecurity, but still expect increased
threats
COMPANY ANNOUNCEMENTS
* Paperclip, Inc. Selects Chad F. Walter as Chief Revenue Officer From
Paperclip, Inc.
* TSA Trials aXite Security Tools’ OT Cyber Security Solution to Protect Legacy
Security Screeni… From aXite Security Tools
* Echelon Risk + Cyber Welcomes Kaushik Kiran as Director of vCISO and Cyber
Strategy Services From Echelon Risk + Cyber
* Paperclip SAFE Disrupts Data Security Industry Using Encryption-In-Use
Technology to Prevent D… From Paperclip, Inc.
View all | Post a press release
CYBERSECURITY DIVE NEWS DELIVERED TO YOUR INBOX
Get the free daily newsletter read by industry experts
Email:
* Select user consent: By signing up to receive our newsletter, you agree to
our Terms of Use and Privacy Policy. You can unsubscribe at anytime.
Sign up A valid email address is required. Please select at least one
newsletter.
COMPANY ANNOUNCEMENTS
View all | Post a press release
Paperclip, Inc. Selects Chad F. Walter as Chief Revenue Officer
From Paperclip, Inc.
September 26, 2022
TSA Trials aXite Security Tools’ OT Cyber Security Solution to Protect Legacy
Security Screeni…
From aXite Security Tools
September 27, 2022
Echelon Risk + Cyber Welcomes Kaushik Kiran as Director of vCISO and Cyber
Strategy Services
From Echelon Risk + Cyber
September 27, 2022
Paperclip SAFE Disrupts Data Security Industry Using Encryption-In-Use
Technology to Prevent D…
From Paperclip, Inc.
September 26, 2022
Editors’ picks
* Layla Bird via Getty Images
SECURITY PROFESSIONALS ARE BURNED OUT. HERE ARE 5 WAYS TO HELP THEM.
Addressing the causes of burnout requires a top-down approach that better
aligns security teams with the rest of the business.
By Brian Eastwood • April 18, 2022
* atiatiati via Getty Images
WHAT CYBER INSURANCE COMPANIES WANT FROM CLIENTS
Insurers evaluate how a company leverages technology and what internal
standards are in place to manage risk.
By Sue Poremba • April 28, 2022
Latest in Vulnerability
* Microsoft investigating 2 zero-day vulnerabilities in Exchange Server
By David Jones
* Strict security rules could push open source community out of federal work,
expert says
By David Jones
* Organizations rapidly shift tactics to secure the software supply chain
By David Jones
* White House guidance on third-party software seen as a major test of cyber
risk strategy
By David Jones
--------------------------------------------------------------------------------
*
*
*
*
EXPLORE
* About
* Editorial Team
* Contact Us
* Newsletter
* Article Reprints
* Press Releases
* What We’re Reading
REACH OUR AUDIENCE
* Advertising
* Post a press release
RELATED PUBLICATIONS
* CIO Dive
--------------------------------------------------------------------------------
© 2022 Industry Dive. All rights reserved. | View our other publications |
Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
Search
* Home
* Topics
* Strategy
* Breaches
* Vulnerability
* Cyberattacks
* Threats
* Leadership & Careers
* Policy & Regulation
* Deep Dive
* Library
GET CYBERSECURITY DIVE IN YOUR INBOX
The free newsletter covering the top industry headlines
Email:
* Select user consent: By signing up to receive our newsletter, you agree to
our Terms of Use and Privacy Policy. You can unsubscribe at anytime.
Sign up A valid email address is required. Please select at least one
newsletter.