With a Powershell script, administrators can import the workaround against the newly discovered zero-day vulnerabilities in Exchange Server.
Microsoft has released a shell script that imports the workaround to protect against the zero-day vulnerabilities in Exchange servers that became known on Friday. Administrators can download the script from Microsoft and should run it on each affected on-premises server. The workaround is now also being played out via Microsoft’s Exchange Server Emergency Mitigation Service (EMS).
On Friday, security researchers warned of two zero-day vulnerabilities that are already being actively exploited. Details of the exploits are not yet known. According to the security researchers, they managed to address a component in the backend of the server and run code from it. The attacks are said to follow a pattern similar to that of ProxyShell in summer 2021.
Microsoft has confirmed the vulnerabilities (CVE-2022-41040, CVE-2022-41082). In a report, the company speaks of “limited, targeted attacks”. The Exchange Server 2013, 2016 and 2019 versions are affected. Exchange online customers should not be affected. There are no patches yet.