HomeTech NewsCybersecurityExchange Zero-Day: Microsoft corrects workaround

Exchange Zero-Day: Microsoft corrects workaround

Published on

- Advertisement -

The first proposed workaround for the ProxyNotShell zero-day vulnerability in Exchange was easily circumvented. Microsoft supplies a corrected version. The workaround initially proposed by Microsoft to mitigate the zero-day vulnerability in the Exchange server was easily circumvented. The company has now presented a corrected workaround that is intended to provide better protection. Administrators should implement the adapted version quickly.


The ProxyNotShell zero-day vulnerability in Exchange has been keeping IT admins busy for the past weekend. After Microsoft offered a workaround, which was a request block rule in the AutoDiscover settings, IT security researchers found out that the rule .*autodiscover\.json.*\@.*Powershell.* just let go. The “@” makes the rule too specific, explained IT researcher Will Dormann on Twitter.

- Advertisement -

Dormann also suggested there that the rule be adjusted in .*autodiscover\.json.*Powershell.*. However, there was initially no confirmation from IT security experts that the modified rule provided better protection.

However, Microsoft has now adapted its own instructions with suggested actions and corrected the rule there, precisely in the proposed version .*autodiscover\.json.*Powershell.*. The manufacturer has revised the corresponding passages. In addition, the Microsoft developers have provided the EOMTv2 script for automated rollout of the rewrite rule with the improved rule.

Microsoft has also updated the rule that is automatically distributed using the Exchange Emergency Mitigation Service (EEMS) for Exchange 2016 and 2019 and has already redistributed it. The manufacturer writes that administrators should create the new rule and then delete the old, bypassable rule.

- Advertisement -

- Advertisement -

Latest articles

Chinese customs arrest man with 84 SSDs hidden in electric scooter

After the man who tried to pass through Chinese customs with 160 CPUs on...

Amazon’s restructuring plans will affect a veteran photography community

The wave of restructuring and layoffs that Amazon is facing to face the current...

More like this