International
Cancel
UK NewsUK NewsView in App

Microsoft warns users about two Exchange zero-day bugs exploited by attackers

Due to two connected "zero-day" vulnerabilities, Microsoft email users are in danger of attack. The tech giant acknowledged that only a small number of targeted individuals had exploited these vulnerabilities but added that it was working to find ...

By ET Spotlight Special |
Agencies
Microsoft has revealed that "targeted attacks" utilize two Exchange servers' zero-day vulnerabilities.

The first weakness—a "server-side request forgery" vulnerability—and the second one allow remote code execution on a server when an attacker gains access to PowerShell.

It has been asserted that these problems also affect Exchange Server 2013, 2016, and 2019.




Microsoft introduces Windows 11 2022 update
1/5

Microsoft added Smart App control to the Windows 11 operating system. By preventing Windows 11 from running script files, harmful macros, or untrusted or unregistered applications, the new Smart App control tool enables users to install new apps and services without concern.

Microsoft added Smart App control to the Windows 11 operating system. By preventing Windows 11 from running script files, harmful macros, or untrusted or unregistered applications, the new Smart App ..
Read More

Users can open multiple directories simultaneously in File Explorer using tabs, just like in a web browser.

Additionally, the update offers enhancements to Quick Settings, the Start Menu, greater search integration, and enhanced event coverage for Widgets.

Users can open multiple directories simultaneously in File Explorer using tabs, just like in a web browser.Additionally, the update offers enhancements to Quick Settings, the Start Menu, greater sear..
Read More

With the update, Microsoft also added Clipchamp as an inbox app. Users can modify videos using this new video editor, which also contains a template, effects, and other features.

With the update, Microsoft also added Clipchamp as an inbox app. Users can modify videos using this new video editor, which also contains a template, effects, and other features.

The company has also revamped the Microsoft Store interface and made some changes to Windows Studio Effects, new creation tools, and extra gaming features.

The company has also revamped the Microsoft Store interface and made some changes to Windows Studio Effects, new creation tools, and extra gaming features.

Snap layouts in Windows 11 have been enhanced with better touch controls and the capacity to snap multiple Microsoft Edge browser tabs. Additionally, the company has debuted Do Not Disturb and Focus sessions. The DND will be automatically turned off as part of the new Focus sessions, along with the taskbar badges, notifications, and app notifications.

Snap layouts in Windows 11 have been enhanced with better touch controls and the capacity to snap multiple Microsoft Edge browser tabs. Additionally, the company has debuted Do Not Disturb and Focus ..
Read More
See More SlideshowsMore Slideshows


GTSC Identified the Flaws First

The cybersecurity firm GTSC was the first to identify the flaws. This company claimed that leveraging the exploits could perform lateral motions to other servers and backdoor creation in affected systems.
ADVERTISEMENT

Microsoft pledged to provide a fix for these problems in a shorter amount of time. Microsoft asserted that it had provided consumers with mitigations and support for detections up until that point to aid their security.

Microsoft Appreciated for Acting Quickly

The enthusiastic tech giant encouraged Exchange Server users to deny non-admin users remote PowerShell access.

Oliver Pinson-Roxburgh, CEO of the cybersecurity firm Defense.com, claims that the exploit attacks remind us of the "constant threat" cyberattacks represent. Additionally, Pinson-Roxburgh "applauded" Microsoft for acting "rapidly" to notify customers of the issue.

Kaspersky's Malware Attack

Kaspersky revealed that a piece of malware was backdooring Microsoft Exchange servers that were under the control of governments and other international organizations earlier this year.
ADVERTISEMENT

FAQs

Is the Microsoft account secure?
Microsoft prioritizes account security and attempts to prevent unauthorized sign-ins.

How are zero-day vulnerabilities found?
These are found either by the developer or by users when a program exhibits odd behavior.
ADVERTISEMENT
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
READ MORE
ADVERTISEMENT

READ MORE:

Microsoft users |microsoft |exchange |quicklythe |powershell |microsoft exchange |gtsc |malware attackkaspersky |kaspersky s |

LOGIN & CLAIM

50 TIMESPOINTS

German Unity Day 2022: Wishes, quotes, and messages to celebrate the day

More from our Partners

Loading next story
Cancel
Business News › News › International › UK News › Microsoft warns users about two Exchange zero-day bugs exploited by attackers
Text Size:AAA

Popular Categories

Hot on Web

In Case you missed it

Top Searched Companies

Download ET APP


Follow us on


Powered by

become a member

Terms of Use & Grievance Redressal Policy
DNPA Code of Ethics|Privacy Policy|Archive|Delete Data|Feedback|

Copyright © 2026 Bennett, Coleman & Co. Ltd. All rights reserved. For reprint rights:
Times Syndication Service

Do Not Sell My Personal Information
Success
This article has been saved

*

+