{"id":147631,"date":"2022-10-05T23:25:02","date_gmt":"2022-10-06T04:25:02","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2022\/10\/mitigation-for-exchange-zero-days-bypassed-microsoft-issues-new-workarounds"},"modified":"2022-10-05T23:25:02","modified_gmt":"2022-10-06T04:25:02","slug":"mitigation-for-exchange-zero-days-bypassed-microsoft-issues-new-workarounds","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2022\/10\/mitigation-for-exchange-zero-days-bypassed-microsoft-issues-new-workarounds","title":{"rendered":"Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/mitigation-for-exchange-zero-days-bypassed-microsoft-issues-new-workarounds.jpg\"><\/a><\/p>\n<p>Microsoft has revised its mitigation measures for the newly disclosed and actively exploited zero-day flaws in Exchange Server after it was found that they could be trivially bypassed.<\/p>\n<p>The two vulnerabilities, tracked as CVE-2022\u201341040 and CVE-2022\u201341082, have been codenamed <a href=\"https:\/\/thehackernews.com\/2022\/10\/state-sponsored-hackers-likely.html\" rel=\"noopener\" target=\"_blank\">ProxyNotShell<\/a> due to similarities to another set of flaws called <a href=\"https:\/\/thehackernews.com\/2021\/11\/hackers-exploiting-proxylogon-and.html\" rel=\"noopener\" target=\"_blank\">ProxyShell<\/a>, which the tech giant resolved last year.<\/p>\n<p>In-the-wild attacks abusing the <a href=\"https:\/\/kb.cert.org\/vuls\/id\/915563\" rel=\"noopener\" target=\"_blank\">shortcomings<\/a> have chained the two flaws to gain remote code execution on compromised servers with elevated privileges, leading to the deployment of web shells.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft has revised its mitigation measures for the newly disclosed and actively exploited zero-day flaws in Exchange Server after it was found that they could be trivially bypassed. The two vulnerabilities, tracked as CVE-2022\u201341040 and CVE-2022\u201341082, have been codenamed ProxyNotShell due to similarities to another set of flaws called ProxyShell, which the tech giant resolved [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[],"class_list":["post-147631","post","type-post","status-publish","format-standard","hentry","category-futurism"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/147631","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=147631"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/147631\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=147631"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=147631"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=147631"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}