Attackers can bypass Microsoft Exchange mitigation for on-premises servers 

Researchers have warned that mitigations published by Microsoft to fix two new Microsoft Exchange zero-day vulnerabilities can be circumvented by hackers.

In a tweet, security expert Jang explained that Microsoft’s temporary solution to prevent the exploitation of CVE-2022-41040 and CVE-2022-41082 is insufficient and can be bypassed with little effort.

Jang’s claims were verified. Instead of the URL block required by Microsoft, Jang offered a less specific alternative that would cover a wider range of attacks: “.autodiscover\.json.*PowerShell.*”

Microsoft’s mitigation instructions apply to on-premise Exchange Server customers and that Exchange Outline clients do not need to take action.

However, many organizations have a hybrid setup that combines on-prem with Microsoft Exchange’s cloud deployment.

Some organizations believe that a hybrid Microsoft Exchange setup would protect them from attack. However, security expert Kevin Beaumont explained that once there is an on-premise Exchange Server deployment, the organization remains at risk.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web