Hackers exploiting 2 new zero-day bugs in Exchange Server: Microsoft - New Delhi News

New Delhi, Oct 1 (IANS) Microsoft has revealed it is investigating two new zero-day vulnerabilities affectingAthe company's Exchange Server which is actively being exploited by hackers.

by IANS | Updated Oct 01, 2022

Hackers exploiting 2 new zero-day bugs in Exchange Server: Microsoft - New Delhi News

Microsoft said it is aware of limited targeted attacks using these two vulnerabilities.

The company said an attacker would need authenticated access to the vulnerable Exchange Server, such as stolen credentials, to successfully exploit either of the two vulnerabilities.

"In these attacks, CVE-2022-41040 can enable an authenticated attacker to remotely trigger CVE-2022-41082. It should be noted that authenticated access to the vulnerable Exchange Server is necessary to successfully exploit either vulnerability," Microsoft said in a security update.

The company was working on an accelerated timeline to release a fix.

"Until then, we're providing mitigations and the detection guidance below to help customers protect themselves from these attacks," it added.

Last year, Microsoft released an emergency security update for its Exchange email and communications software as at least 30,000 organisations across the US were hit by hackers who stole email communications from their systems.

US President Joe Biden's administration had blamed China for the Microsoft Exchange email server software hacking.

The cyber attacks hit defence contractors, higher education institutions and nongovernmental organisations around the world.

Microsoft said that it was monitoring new zero-day "detections for malicious activity and we'll respond accordingly if necessary to protect customers".

"Exchange Online customers do not need to take any action," it added.

Disclaimer: This story is auto-aggregated by a computer program and has not been created or edited by FreshersLIVE.Publisher : IANS-Media

Related Articles

  • PSLV-XL rocket motor made by industry passes test: ISRO
  • Cybersecurity resilience top priority for Indian firms: Cisco
  • Probe into Musk's move to convert rooms at Twitter HQ into bedrooms
  • Apple adds 700 new price points for developers in App Store
  • Microsoft may build 'super app' to fight Apple & Google
  • Cold, dry weather to continue in J&K, Ladakh
  • Apple Music to soon roll out karaoke mode
  • YouTube rolls out Twitch-like emotes
  • Apple expands self service repair to iPhone, MacBook users in Europe
  • Google rolls out new features for Pixel devices