Return to forum
New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Serv
by - Thursday, January 1, 1970 at 12:00 AM
h4x0r
GOD
Posts: 360
Threads: 0
Joined: N/A
Reputation: 479

LeakerHackerCoder
#1
October 3, 2022 at 8:25 PM
New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server

Update
[29-09-2022]: Micrsoft published a blog post detailing mitigation and detection steps regarding the new vulnerabilities: https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/
[03-10-2022]: After receiving information from Jang (@testanull), we noticed that the regex used in the Rewrite Rule could be bypassed. Exploit video PoC

https://gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html
My kung fu is stronger than yours...


Reply
Almost Amish
GOD
Posts: 54
Threads: 0
Joined: N/A
Reputation: 709

HackerGamerCoder
#2
October 3, 2022 at 8:26 PM
NOT cool anymore
what color is your Bugatti ?

Reply
Member
Member
Posts: 31
Threads: 0
Joined: N/A
Reputation: 12

#3
October 4, 2022 at 3:05 PM
This has been the method of workarounds/patching by Microsoft for a while now. One need look no further back than the MSDT "patch". Instead of removing or fixing the underlying issue they have done things like this and removed specific exploitation rather than root cause issue. I know this was only a workaround, but this shouldn't be surprising anyone anymore.
Reply
Member
Member
Posts: 10
Threads: 0
Joined: N/A
Reputation: 0

#4
October 5, 2022 at 9:18 AM
Nice post
Reply
Advanced User
Advanced
Posts: 60
Threads: 0
Joined: N/A
Reputation: 0

#5
October 5, 2022 at 4:43 PM
Nice read
Reply


 Users viewing this thread: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Serv: No users currently viewing.