October 5, 2022

Two New Zero-Day Vulnerabilities Affecting On-Premises Microsoft Exchange Server

On September 29, 2022, Microsoft reported investigating two zero-day vulnerabilities impacting Microsoft Exchange 2013, 2016, and 2019. Microsoft is reporting attacks on Microsoft Exchange Servers utilizing the two vulnerabilities in tandem. Microsoft has noted that mitigations against these vulnerabilities are already in place for Microsoft Exchange Online (Microsoft 365).

At this time, no patch is available for this vulnerability. Microsoft has provided workaround mitigations for on-premises Microsoft Exchange Servers, listed in the link below. Basically, the workaround entails configuration changes within IIS Manager and blocking certain ports related to Remote PowerShell. For people and organizations using Microsoft Sentinel or Microsoft Defender products for antivirus, Microsoft also provides additional detection guidance in the same article.


As always, testing is important! Consider working with your technical resources to review and test any system changes.

Authored by: David Bentley, CISSP

You May Want to Read More:

The Scope of SARs - Something Old and Something New - WST

January 28th, 2021

Did you know that filing Suspicious Activity Reports...

In with the new year, out with the Flash - WST

January 21st, 2021

The writing has been on the wall for a while now ...

Back to Basics: Understanding Risk Concepts - WST

January 15th, 2021

People often make judgements and decisions about risk...

Keep your institution off the evening news.

Contact Us