Microsoft Yet To Fix Two New Exchange Zero-Day Bugs; Expert Claims A China Connection

Microsoft Yet To Fix Two New Exchange Zero-Day Bugs; Expert Claims A China Connection
  • Microsoft Corp MSFT confirmed two unpatched Exchange Server zero-day vulnerabilities cybercriminals exploit in real-world attacks.
  • Cybersecurity company GTSC, which first discovered the flaws, said cybercriminals used the two zero-days in attacks on their customers' environments dating back to early-August 2022.
  • Microsoft identified one bug as a server-side request forgery (SSRF) vulnerability. The other bug allowed remote code execution on a vulnerable server when PowerShell is accessible to the attacker, TechCrunch reports.
  • GTSC reports that cybercriminals chained the two vulnerabilities to create backdoors on the victim's system and move laterally through the compromised network.
  • GTSC suspected a Chinese threat group behind the attacks because the web shell codepage uses character encoding for simplified Chinese. The attackers have also deployed the China Chopper web shell in attacks for persistent remote access.
  • Security researcher Kevin Beaumont claimed awareness of the vulnerability being "actively exploited in the wild" and that he "can confirm significant numbers of Exchange servers have been backdoored."
  • Microsoft security chief Charlie Bell pitched AI for better cybersecurity at a Q&A session.
  • Recently, Uber Technologies, Inc UBER suffered a hack and held the notorious Lapsus$ group responsible for the same
  • The breach had forced Uber to shut down some internal systems temporarily. The culprits gained access after obtaining an external contractor's account credentials. 
  • Price Action: MSFT shares traded higher by 0.66% at $239.06 on the last check Friday.

Posted In: BriefsNewsTechMedia