Security Advisory: Critical Vulnerability for Microsoft Exchange Found


Microsoft has recently become aware of two critical zero-day vulnerabilities that affect Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019. The first, identified as CVE-2022-41040, is a server-side request forgery (SSRF) vulnerability; the second, identified as CVE-2022-41082, allows remote code execution (RCE) when Exchange PowerShell is accessible to the attacker.

CVE-2022-41040 can enable an authenticated attacker to remotely trigger CVE-2022-41082. Note, however, that authenticated access to the vulnerable Exchange Server is necessary to successfully exploit either vulnerability, and the two can also be used separately.

Unfortunately, there is evidence of active attacks using these vulnerabilities as of today. Microsoft is still working on a patch/update to fix them and has provided several ways to mitigate the issue in the meantime. We strongly suggest that you take the following steps to mitigate the threat.

Known Mitigation

Firstly, if you are an Exchange Online customer, you do not need to take any action, as Microsoft already has you covered. If you are using Microsoft Exchange Server 2013, Exchange Server 2016, or Exchange Server 2019, you may try one of the three options below:

Option 1: For customers who have the Exchange Emergency Mitigation Service (EEMS) enabled, Microsoft has released the URL Rewrite mitigation for Exchange Server 2016 and Exchange Server 2019. The mitigation is enabled automatically.

Option 2: Microsoft has published a script that performs the URL Rewrite mitigation steps for you: https://aka.ms/EOMTv2

Option 3: For the third mitigation option, customers can follow the steps found here.
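Before choosing an option, it helps to know where each server stands. The PowerShell script below is an added example for this advisory; it is not Microsoft's script from Option 2 and not part of the original post. Run it in the Exchange Management Shell on an on-premises server: it lists which servers run the affected products, reports whether EEMS is allowed to apply mitigations (Option 1), and lists the URL Rewrite rules present under the Autodiscover application of the Default Web Site on the local server (Options 2 and 3). It assumes the IIS WebAdministration module is available and that the rule name in $ruleNameFilter, a placeholder here, is replaced with the name of the rule you actually deployed.

```powershell
# Added example, not the advisory's or Microsoft's code: read-only mitigation status check.
# Run in the Exchange Management Shell on an on-premises Exchange server.
# Assumptions: the WebAdministration module (installed with IIS) is available, and
# $ruleNameFilter is a PLACEHOLDER to be replaced with the name of the deployed rewrite rule.

Import-Module WebAdministration -ErrorAction Stop

# (1) Inventory. AdminDisplayVersion major.minor identifies the product:
#     15.0 = Exchange 2013, 15.1 = Exchange 2016, 15.2 = Exchange 2019
$servers = Get-ExchangeServer | ForEach-Object {
    $v = $_.AdminDisplayVersion
    $product = switch ("$($v.Major).$($v.Minor)") {
        '15.0'  { 'Exchange 2013' }
        '15.1'  { 'Exchange 2016' }
        '15.2'  { 'Exchange 2019' }
        default { 'Other' }
    }
    [pscustomobject]@{
        Name               = $_.Name
        Product            = $product
        Version            = $v.ToString()
        # Per-server EEMS switch; empty on builds that predate EEMS (e.g. Exchange 2013)
        MitigationsEnabled = $_.MitigationsEnabled
    }
}
Write-Host 'Exchange servers in this organization:'
$servers | Format-Table Name, Product, Version, MitigationsEnabled -AutoSize

# (2) Option 1: EEMS acts automatically only if it is enabled at organization level
#     and on the individual server.
$orgEems = (Get-OrganizationConfig).MitigationsEnabled
Write-Host "EEMS enabled at organization level: $orgEems"
$servers | Where-Object { $_.Product -in 'Exchange 2016', 'Exchange 2019' -and -not $_.MitigationsEnabled } |
    ForEach-Object { Write-Host "  EEMS disabled on $($_.Name); Option 1 will not apply there." }

# (3) Options 2/3: look for a URL Rewrite rule under Default Web Site/Autodiscover on this host.
$ruleNameFilter = 'PLACEHOLDER-rule-name'   # replace with the deployed rule's name (or part of it)
try {
    $rules = @(Get-WebConfiguration -Filter 'system.webServer/rewrite/rules/rule' `
                                    -PSPath 'IIS:\Sites\Default Web Site\Autodiscover' `
                                    -ErrorAction Stop)
} catch {
    # The rewrite section cannot be read without the IIS URL Rewrite module, which Options 2 and 3 require.
    Write-Host "Could not read URL Rewrite rules: $($_.Exception.Message)"
    $rules = @()
}
Write-Host "URL Rewrite rules under Default Web Site/Autodiscover on $($env:COMPUTERNAME): $($rules.Count)"
$rules | ForEach-Object { Write-Host "  - $($_.name)" }
$match = $rules | Where-Object { $_.name -like "*$ruleNameFilter*" }
if ($match) {
    Write-Host "Rule matching '$ruleNameFilter' is present."
} else {
    Write-Host "No rule matching '$ruleNameFilter' found; apply Option 2 or Option 3."
}
```

The script changes nothing; it only reads Exchange and IIS configuration, so it is safe to run on every server before and after applying a mitigation to confirm the change took effect. If the rule listing shows nothing and EEMS is disabled, none of the three options is in place yet on that host.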

Protect Confidential Data outside the office with Microsoft AIP!


Data is the cornerstone of a business, which is why security is a major factor in any IT environment. However, security does not safeguard your data once it leaves the network perimeter, whether it is shared inside or outside the organization. Many companies are aware of this and are now looking into ways to solve it. This is where Rights Management solutions such as Azure Information Protection (AIP) come in.

What is AIP?

AIP is a cloud-based solution that gives organizations the ability to classify and protect their sensitive data, such as documents and emails, by using labels. Labels can be applied automatically, based on rules and policies defined by administrators; manually, by users; or through a combination in which users are given recommendations.

Labeling can be used to classify which files in your organization are confidential. Depending on the level of sensitivity, several restrictions can be placed on data that leaves the network's control. These are some examples of how the restrictions can be applied:

Limiting access to users of your organization or those who are granted permission.

Preventing users from forwarding an email, or copying information from it, when it contains news about an internal reorganization.

Locking the forwarding option, the adding of recipients on replies, and copy-paste functions on emails.

Setting a time limit for accessing files (such as price lists).

Besides protecting your data, AIP's labeling can also improve a company's visibility over its data. This is done through the data classification page, which shows how data is being used and how users are applying labels. Below is some of the information you can get from the page:

The number of items classified as sensitive, and what they are classified as

A summary of the actions users took with sensitive data

The location of sensitive data

With AIP, organizations using Office products can rest assured that they will maintain visibility over their data and that it will stay confidential. Collaboration can then be enabled inside and outside your organization by protecting sensitive information such as emails and documents with encryption, restricted access and rights, and security integrated into Office apps.

If you are interested in learning more about AIP or Office 365, fill out our contact form below and we’ll get back to you as soon as we can!