One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 7290015 |
| Date de publication | 2022-10-03 11:45:00 (vue: 2022-10-03 19:07:37) |
| Titre | Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed |
| Texte | Attackers are currently exploiting two unpatched vulnerabilities to remotely compromise on-premises Microsoft Exchange servers. Microsoft confirmed the flaws late last week and published mitigation advice until a complete patch can be developed, but according to reports, the proposed mitigation can be easily bypassed.The new vulnerabilities were discovered in early August by a Vietnamese security company called GTSC while performing security monitoring and incident response for a customer whose servers were attacked. Initially, the GTSC researchers thought they might be dealing with a ProxyShell exploit based on the malicious requests seen in the server logs which looked similar. ProxyShell is an attack that chains three Exchange vulnerabilities and was patched last year.To read this article in full, please click here |
| Envoyé | Oui |
| Condensat | according advice are article attack attacked attackers august based but bypassed called can chains click company complete compromise confirmed currently customer day dealing developed discovered early easily exchange exploit exploiting exploits flaws full gtsc here incident initially last late logs looked malicious microsoft might mitigation monitoring new patch patched performing please premises proposed proxyshell published read remotely reports requests researchers response security seen server servers similar thought three two unpatched until vietnamese vulnerabilities week which whose year zero |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.