Vietnamese security researchers GTSC Cyber Security Company I discovered two actively exploited vulnerabilities in Microsoft Exchange. The two zero-day errors allow remote code to be run on the target system, like “computer is bleedingThis is how attackers can open backdoors into the system and steal data.
There is currently no patch from Microsoft – it’s not clear when one will appear.
However, GTSC researchers have published an alternative solution to secure their infrastructure, such as “hotAccordingly, administrators should create a rule blocking the request with the content . * Autodiscover \ .json. * \ @. * Powershell. * In the URL path – “{REQUEST_URI}” must be defined as the condition entry.
Administrators can use the following PowerShell command to check if servers have already been compromised:
Get-ChildItem -Recurse -Path
Researchers reported the vulnerability to Microsoft three weeks ago via the Zero Day initiative, Bleepingcomputer wrote. Microsoft has not yet released any information about the two vulnerabilities and has not yet set a CVE ID to track them. Both vulnerabilities received a CVSS score of 8.8 and 6.3 – thus the risk is classified as ‘high’.
If you want to read more about cybercrime and cyber security, Subscribe to the Swisscybersecurity.net newsletter here. On the portal you can read daily news about current threats and new defense strategies.
“Prone to fits of apathy. Zombie ninja. Entrepreneur. Organizer. Evil travel aficionado. Coffee practitioner. Beer lover.”