Security News > 2022 > November > Exploit released for actively abused ProxyNotShell Exchange bug
Proof-of-concept exploit code has been released online for two actively exploited and high-severity vulnerabilities in Microsoft Exchange, collectively known as ProxyNotShell.
Microsoft released security updates to address the two security flaws as part of the November 2022 Patch Tuesday, even though ProxyNotShell attacks have been detected since at least September 2022.
One week after Microsoft released ProxyNotShell security updates, security researcher Janggggg released the proof-of-concept exploit attackers have used in the wild to backdoor Exchange servers.
Will Dormann, a senior vulnerability analyst at ANALYGENCE, tested the exploit and confirmed that it's working against systems running Exchange Server 2016 and 2019, and added that the code needs some tweaking to get it to work when targeting Exchange Server 2013).
"Because we are aware of active exploits of related vulnerabilities, our recommendation is to install these updates immediately to be protected against these attacks," the Exchange Team warned after patches were released.
"These vulnerabilities affect Exchange Server. Exchange Online customers are already protected from the vulnerabilities addressed in these SUs and do not need to take any action other than updating any Exchange servers in their environment."