Microsoft has confirmed it is investigating two zero-day vulnerabilities in its Exchange that have been used to launch cyber attacks against organizations.
The tech giant says the vulnerabilities — labeled CVE-2022-41040 and CVE-2022-41082 — affect its 2013, 2016 and 2019 Exchange servers.
The former is a server-side request forgery vulnerability, while the latter allows remote code execution when PowerShell is accessible to the attacker.
“Microsoft is currently aware of limited targeted attacks using these two vulnerabilities,” Microsoft said in a blog post.
“In these attacks, CVE-2022-41040 could allow an authenticated attacker to remotely trigger CVE-2022-41082.”
Microsoft says authenticated access to the vulnerable Exchange Server is required to exploit any of the vulnerabilities.
He added that he is currently working on an “accelerated timeline” to release a patch.
Meanwhile, the tech giant has laid out mitigation and detection guidelines that users can follow.
“Microsoft Exchange Online has detections and mitigations in place to protect customers,” the post added.
“As always, Microsoft is monitoring these detections of malicious activity and we will respond accordingly as necessary to protect customers.”
You can find out more here