Microsoft has confirmed that two unpatched Exchange Server zero-day vulnerabilities are being exploited by cybercriminals in real-world attacks. Microsoft's Security Response Center (MSRC) said in a blog post late on Thursday that the first vulnerability, identified as CVE-2022-41040, is a server-side request forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution on a vulnerable server when PowerShell is accessible to the attacker.
BMC is deploying threat-hunting tools on affected clients to track down any suspicious activity, and we are following Microsoft best practice and guidance to lock down the vulnerability. If any downtime is required, we will notify your firm right away.
The BMC Approach
BMC believes that replacing on-premises Exchange Servers will reduce the risk of this type of vulnerability, as Microsoft 365 remains the best solution to protect your firm's email and client data.
For more information: https://www.theregister.com/2022/09/30/exchange_server_zero_day/