all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild

Add to bookmarks
Sept. 30, 2022, 9:01 a.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

Microsoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation.
"The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is

exchange flaws microsoft zero-day zero-day flaws

Visit resource

More from thehackernews.com / The Hacker News

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade 10 hours ago | thehackernews.com
analysis called cisco cisco talos +22
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor 11 hours ago | thehackernews.com
auto auto industry automotive automotive industry +17
Recover from Ransomware in 5 Minutes—We will Teach You How! 13 hours ago | thehackernews.com
attack back can cdp +21
New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks 14 hours ago | thehackernews.com
analysis android android trojan called +16
How to Conduct Advanced Static Analysis in a Malware Sandbox 14 hours ago | thehackernews.com
advanced analysis can dynamic +17
Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide 14 hours ago | thehackernews.com
arrested as-a-service called crackdown +14
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes 19 hours ago | thehackernews.com
access april critical critical vulnerabilities +25
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor 20 hours ago | thehackernews.com
actor ads backdoor campaign +16
Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks 1 day, 11 hours ago | thehackernews.com
advanced advanced persistent threat apt apt44 +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Deputy Chief Information Security Officer

@ City of Philadelphia | Philadelphia, PA, United States
View on infosec-jobs.com

Global Cybersecurity Expert

@ CMA CGM | Mumbai, IN
View on infosec-jobs.com

Senior Security Operations Engineer

@ EarnIn | Mexico
View on infosec-jobs.com

Cyber Technologist (Sales Engineer)

@ Darktrace | London
View on infosec-jobs.com
View more jobs