Vietnamese cybersecurity firm GTSC discovered the two vulnerabilities in August 2022.
Attackers are actively exploiting two flaws in fully patched Microsoft Exchange servers to execute code remotely on affected systems, The Hacker News reported. The warning came from cybersecurity researchers at the Vietnamese security firm GTSC, who first spotted the vulnerabilities in August 2022. The two flaws are tracked as ZDI-CAN-18333 and ZDI-CAN-18802, which have been assigned Common Vulnerability Scoring System scores of 8.8 and 6.3, respectively.
According to GTSC, exploiting the vulnerabilities could let malicious actors access Microsoft Exchange server systems to drop web shells and carry out lateral movements across the compromised network. “Using the user-agent, we detected that the attacker uses Antsword, an active Chinese-based open source cross-platform website administration tool that supports web shell management.”
GTSC believes that a Chinese group is likely carrying out attacks as the web shell encoding is in simplified Chinese.
The Hacker News provided details on temporary workarounds, including adding a rule to block requests with indicators of compromise through the URL Rewrite Rule Module for IIS servers: Add the string: “.*autodiscover\.json.*\@.*Powershell.
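As an added example (not code from The Hacker News, GTSC or Microsoft), the Python below applies the pattern quoted above, only as far as it is visible on this page, to IIS W3C log lines to find requests the rewrite rule is meant to block. The log lines are constructed, and the case-insensitive match and the percent-decoding step are assumptions of this example.

```python
import re
from urllib.parse import unquote

# Pattern as far as it is visible on the page (the string is cut off there).
# Case-insensitive matching is an assumption of this example.
PATTERN = re.compile(r".*autodiscover\.json.*\@.*Powershell", re.IGNORECASE)

# Constructed sample in W3C extended log format; not real traffic.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2022-09-30 10:00:01 GET /owa/auth/logon.aspx - 192.0.2.10 200
2022-09-30 10:00:05 GET /autodiscover/autodiscover.json @example.test/Powershell/ 192.0.2.66 200
2022-09-30 10:00:09 GET /autodiscover/autodiscover.json %40example.test/powershell/ 192.0.2.66 302
2022-09-30 10:00:12 POST /autodiscover/autodiscover.xml - 192.0.2.11 200
"""


def find_matches(log_text):
    """Return (date, time, client IP, status, URI) for requests matching PATTERN."""
    fields = []
    hits = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            # Column order varies per server, so read it from the header.
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split(" ")
        if len(values) != len(fields):
            continue  # malformed or truncated line
        row = dict(zip(fields, values))
        uri = row.get("cs-uri-stem", "")
        query = row.get("cs-uri-query", "-")
        if query != "-":
            uri += "?" + query
        # Decode %40 and similar so an encoded "@" is not missed.
        if PATTERN.match(unquote(uri)):
            hits.append((row.get("date"), row.get("time"),
                         row.get("c-ip"), row.get("sc-status"), uri))
    return hits


if __name__ == "__main__":
    for hit in find_matches(SAMPLE_LOG):
        print(*hit)
```
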