Navigation
Recherche
|
Microsoft confirms two actively exploited zero-day vulnerabilities in Exchange Server
vendredi 30 septembre 2022, 13:35 , par BetaNews
Microsoft has issued a security notice about two zero-day vulnerabilities with its own Microsoft Exchange Server. Versions 2013, 2016 and 2019 of the software are affected. One vulnerability (CVE-2022-41082) allows for remote code execution when an attacker has access to PowerShell; the second (CVE-2022-41040) is a Side Request Forgery (SSRF) vulnerability. Both vulnerabilities are being exploited in the wild. See also: Microsoft acknowledges printer issues blocking Window 11 2022 Update Microsoft is blocking Windows 11 2022 Update because of blue screen issues Microsoft releases out-of-band KB5019311 update for Windows 11 Warning that it is 'aware of limited targeted attacks using… [Continue Reading]
https://betanews.com/2022/09/30/microsoft-confirms-two-actively-exploited-zero-day-vulnerabilities-i...
|
56 sources (32 en français)
Date Actuelle
ven. 3 mai - 05:17 CEST
|