Observing OWASSRF Exchange Exploitation- still - #CVE-2022-41040
2023-02-01 _Even in 2023, email is still critical infrastructure for most firms. As recent articles show, it's really difficult to patch or upgrade Exchange servers because of the fear of an email outage and business disruption. That said, if your org self-manages Exchange and cannot afford to apply patches in a timely manner, consider switching to a managed Exchange provider that has a better track record in keeping Exchange services fully patched and secure. --Darien Kindlund_ 2022-12-23 _The major threat referred to as ProxyNotShell is extremely serious, and continues to evolve. Any organization using on-prem Microsoft Exchange servers should take note of this threat, and have their Exchange admins apply updates as soon as possible._ _The attack is based on chaining together exploits for two vulnerabilities that would allow them to achieve remote code execution, essentially taking control of the exchange server. Recently, researchers found a new way to execute this attack via Outlook Web Access, adding a new attack vector. _ _Patches have been available since November 8th. Admins should apply the patch as soon as possible. If they can’t, they should disable OWA, as well as remote PowerShell, if patches cannot be applied. Details can be found in the articles Fletch is tracking for this threat._ _If you’re not sure if you are exposed to ProxyNotShell, you can connect your vulnerability scanners to a trial version of Fletch and check for this and other major threats for free. --Robert Wagner_ [View Article](https://www.zdnet.com/article/microsoft-warning-protect-this-critical-piece-of-your-tech-infrastructure/)