Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exchange 0-Day CVE-2022–41040 and CVE-2022–41082, how to check if rules are including the mitigation?

There is a critical 0-Day exploit for Exchange already being exploited, which is pretty much the same as the "ProxyShell" vulnerability in March.

How can I check if the mitigation is already working with Snort or IPS rules?

There is also written (see  "Temporary containment measures") how to create a rewrite rule to address the vulnerability, until a patch becomes available.

This thread was automatically locked due to age.
Parents Reply Children
  • Why is that not mentioned in the IPS Signature Release Note V9.19.68?

    SFVH (SFOS 20.0.0 EAP1-Build195) - Last (re)boot on September 26 2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]