all InfoSec news
Two New Exchange Zero-Days Raise Questions About Microsoft Security
Security Boulevard securityboulevard.com
Microsoft finally issued CVEs—CVE-2022–41040 and CVE-2022–41082—for two new zero-day vulnerabilities in Exchange, ending a few days of speculation that the duo were, in fact, ProxyShell flaws uncovered in 2021. “I am calling this ProxyNotShell, as it is the same path and SSRF/RCE pair from back then … but with authentication,” security researcher Kevin Beaumont wrote..
The post Two New Exchange Zero-Days Raise Questions About Microsoft Security appeared first on Security Boulevard.
cybersecurity endpoint exchange exchange vulnerability featured incident response malware microsoft microsoft security network security proxyshell questions security security boulevard (original) spotlight threat intelligence vulnerabilities zero-days