Security News > 2022 > October > Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities
Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server.
To that end, the tech giant has revised the blocking rule in IIS Manager from ".
The list of updated steps to add the URL Rewrite rule is below -.
In the Actions pane on the right-hand side, click Add Rule(s).
Successful weaponization of the flaws could enable an authenticated attacker to chain the two vulnerabilities to achieve remote code execution on the underlying server.
The tech giant, last week, acknowledged that the shortcomings may have been abused by a single state-sponsored threat actor since August 2022 in limited targeted attacks aimed at less than 10 organizations worldwide.
News URL
https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
- Hijacked Microsoft web domain injects spam into SharePoint servers (source)