Microsoft Exchange and Dell, Zero day exploits under attack.

Posted in: Cyber Security 04/10/22

In a flurry of activity overnight, our technicians rushed to patch two zero day exploits to Microsoft Exchnage under active attack.  Vulnerabilities were discovered in Microsoft Exchange Server 2013, 2016, and 2019 recently and following immediate work arounds patches have now been released. 

One (CVE-2022-41040) is a server-side request forgery vulnerability and the other (CVE-2022-41082) is a remote code execution bug; both can exploited together to run PowerShell commands on a vulnerable system and hijack it.

Both were reported by Vietnamese cybersecurity firm GTSC late last week and Microsoft’s Threat Intelligence Team (MSTIC) said in a blog post October 1 that the holes were being exploited in “limited targeted attacks.” We’re told a single crew in August was able to exploit the bugs to install a backdoor and exfiltrate data from a victim’s network, for instance.

Meanwhile, Dell device drivers also suffered at the hands of North Korea-backed Lazarus Group Lazurus Group utilising Spear Fishing attacks.

The lure documents, leading to the distribution of malicious droppers that were trojan-ised versions of open source projects, corroborating recent reports from Google’s Mandiant and Microsoft.

ESET said it uncovered evidence of Lazarus dropping weaponized versions of FingerText and sslSniffer, a component of the wolfSSL library, in addition to HTTPS-based downloaders and uploaders.

The intrusions also paved the way for the group’s backdoor of choice dubbed BLINDINGCAN – also known as AIRDRY and ZetaNile – which an operator can use to control and explore compromised systems.

Its a busy time in the world of Information Security. Your IT team cannot manage high alert for an indefinite period. If you are looking for a strategic partner to share the load in fighting attacks on your infrastructure book a consultation today.

Can we help?

Book a no obligation phone consultation with one of our management team to discuss your IT support requirements.


Related news


Microsoft Massacres Valentines Day!

Microsoft Patch Tuesday fell on Valentines Day this week and no doubt blew out the romantic plans of a lot of people in the IT Industry! With

Read more

IT Ambulance sets the standard for Data Security.

Any organisation who works under the constraints of ISO based systems will recognise the amount of effort that goes into establishing and then continuing the process development

Read more
Start a conversation

Book a no obligation phone consultation with one of our management team to discuss your IT support requirements.