Article 6G4Q1 Microsoft Disputes Severity of Four Zero-Day Vulnerabilities Found in Exchange by Trend Micro

Microsoft Disputes Severity of Four Zero-Day Vulnerabilities Found in Exchange by Trend Micro

by
EditorDavid
from Slashdot on (#6G4Q1)
"Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations," reports Bleeping Computer, citing disclosures Thursday from Trend Micro's Zero Day Initiative, who reported them to Microsoft on September 7th and 8th, 2023. In an email to the site, a Microsoft spokesperson said customers who applied the August Security Updates are already protected from the first vulnerability, while the other three require attackers to have prior access to email credentials. (And for two of them no evidence was presented that it can be leveraged to gain elevation of privilege.) "We've reviewed these reports and have found that they have either already been addressed, or do not meet the bar for immediate servicing under our severity classification guidelines and we will evaluate addressing them in future product versions and updates as appropriate." From Bleeping Computer's report:ZDI disagreed with this response and decided to publish the flaws under its own tracking IDs to warn Exchange admins about the security risks... All these vulnerabilities require authentication for exploitation, which reduces their severity CVSS rating to between 7.1 and 7.5... It should be noted, though, that cybercriminals have many ways to obtain Exchange credentials, including brute-forcing weak passwords, performing phishing attacks, purchasing them, or acquiring them from info-stealer logs... ZDI suggests that the only salient mitigation strategy is to restrict interaction with Exchange apps. However, this can be unacceptably disruptive for many businesses and organizations using the product. We also suggest implementing multi-factor authentication to prevent cybercriminals from accessing Exchange instances even when account credentials have been compromised.

twitter_icon_large.pngfacebook_icon_large.png

Read more of this story at Slashdot.

External Content
Source RSS or Atom Feed
Feed Location https://rss.slashdot.org/Slashdot/slashdotMain
Feed Title Slashdot
Feed Link https://slashdot.org/
Feed Copyright Copyright Slashdot Media. All Rights Reserved.
Reply 0 comments