Sophos UTM: Decommissioning of obsolete URL categorization services CFFS.Click here for important info.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exchange 0-Day CVE-2022–41040 and CVE-2022–41082, how to check if rules are including the mitigation?

There is a critical 0-Day exploit for Exchange already being exploited, which is pretty much the same as the "ProxyShell" vulnerability in March.

How can I check if the mitigation is already working with Snort or IPS rules?

https://gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html#:~:text=Temporary%20containment%20measures

There is also written (see  "Temporary containment measures") how to create a rewrite rule to address the vulnerability, until a patch becomes available.



This thread was automatically locked due to age.
Parents Reply Children
No Data