cve-2022-41040 – Computer Security Articles

MalwareBytes Security

Update now! October patch Tuesday fixes actively used zero-day…but not the one you expected

October 12, 2022 admin adobe, Android, apple, cve-2022-41033, cve-2022-41040, Exploits and vulnerabilities, fortinet, google, microsoft, news, Samsung, SAP, VMware, Xiaomi, Zero-Day

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Apple

Tags: Google

Tags: Android

Tags: Samsung

Tags: Xiaomi

Tags: Adobe

Tags: SAP

Tags: VMWare

Tags: Fortinet

Tags: CVE-2022-41033

Tags: CVE-2022-41040

Tags: zero-day

No fix for ProxyNotShell

(Read more…)

The post Update now! October patch Tuesday fixes actively used zero-day…but not the one you expected appeared first on Malwarebytes Labs.

MalwareBytes Security

[updated]Two new Exchange Server zero-days in the wild

October 4, 2022 admin cve-2022-41040, cve-2022-41082, Exchange, Exploits and vulnerabilities, news, proxyshell, RCE, remote powershell, SSRF, Web Shell

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

(Read more…)

The post [updated]Two new Exchange Server zero-days in the wild appeared first on Malwarebytes Labs.

MalwareBytes Security

Two new Exchange Server zero-days in the wild

September 30, 2022 admin cve-2022-41040, cve-2022-41082, Exchange, Exploits and vulnerabilities, news, proxyshell, RCE, remote powershell, SSRF, Web Shell

Categories: Exploits and vulnerabilities

Categories: News

Tags: Exchange

Tags: ProxyShell

Tags: remote PowerShell

Tags: web shell

Tags: CVE-2022-41040

Tags: CVE-2022-41082

Tags: SSRF

Tags: RCE

Two ProxyShell-like vulnerabilities are being used to exploit Microsoft Exchange Servers

(Read more…)

The post Two new Exchange Server zero-days in the wild appeared first on Malwarebytes Labs.

Independent Krebs

Microsoft: Two New 0-Day Flaws in Exchange Server

September 30, 2022 admin cve-2022-41040, cve-2022-41082, gtsc, Latest Warnings, microsoft exchange server zero-day, steven adair, The Coming Storm, Time to Patch, volexity, zimbra collaboration suite

Credit to Author: BrianKrebs| Date: Fri, 30 Sep 2022 16:51:57 +0000

Microsoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations rely on to send and receive email. Microsoft says it is expediting work on software patches to plug the security holes. In the meantime, it is urging a subset of Exchange customers to enable a setting that could help mitigate ongoing attacks.