Hackers can easily bypass mitigation for Microsoft Exchange security vulnerabilities


Late last week, Microsoft confirmed the existence of two zero-day vulnerabilities in Exchange Server. Tracked as CVE-2022-41082 and CVE-2022-41040, both security flaws are worrying as they are known to be actively exploited.
While it works on a fix, Microsoft offered up instructions to mitigate the vulnerabilities. But it turns out that the mitigation is incredibly easy to bypass, with security experts warning that the method used is too specific, rendering it ineffective.
Microsoft confirms two actively exploited zero-day vulnerabilities in Exchange Server


Microsoft has issued a security notice about two zero-day vulnerabilities in its own Microsoft Exchange Server. Versions 2013, 2016 and 2019 of the software are affected.
One vulnerability (CVE-2022-41082) allows for remote code execution when an attacker has access to PowerShell; the second (CVE-2022-41040) is a Server-Side Request Forgery (SSRF) vulnerability. Both vulnerabilities are being exploited in the wild.
Microsoft releases fix for email-breaking Y2K22 bug in Exchange FIP-FS


Microsoft Exchange users were hit by a New Year bug that prevented the delivery of emails. The "year 2022" bug in the FIP-FS anti-malware scanner resulted in error messages including "The FIP-FS Scan Process failed initialization. Error: 0x8004005. Error Details: Unspecified Error" and "Error Code: 0x80004005. Error Description: Can't convert "2201010001" to long".
While the bug caused a degree of panic, Microsoft has now released an official fix. Anyone who has encountered the issue can apply the fix manually, or use an automated script to take care of things.