Actions on the recent Microsoft Exchange vulnerability

Microsoft and the Spanish Centro Criptográfico Nacional warn of a new vulnerability for Exchange versions CVE-2022-41040 and CVE-2022-41082 of critical nature.
Microsoft Exchange is one of the most used business mail services in the world, if not the most. Possibly there is a message beeping on your cell phone or computer screen right now demanding your attention, as you read this, of an email that has entered your work mailbox and has been managed by Exchange Server. But Microsoft, the company that owns the software, has recently warned again that it is vulnerable and could pose a danger. There are two critical vulnerabilities that may be being used by "threat actors to compromise vulnerable servers", according to the Sapnish Centro Criptográfico Nacional and the company itself.
But don't panic because, as a spoiler, it has a solution, and probably  it has already been applied by the technicians in charge within your company. Or not.
On our side, as it's usual when warnings of this type arise, we have carried out a monitoring campaign among our customers to check if these vulnerabilities could affect them. And if you are wondering how we are able to find this out in a non-intrusive way for the client, what we do is to look for signs and symptoms in the monitored systems to know what software they run and from there infer the problems that affect them.
This punctual monitoring service is one more of the benefits included with LEET Security's rating, which addresses a wide variety of content in what is the most comprehensive review on the market of all the points that underpin a company's cybersecurity. And if you're not already familiar with it, check out our methodology and our Rating guidance and controls.
This particular campaign has made us focus on our "Systems Operation" domain, and more particularly on two sections: 
  • "Software and systems support", where we ensure that the software used is supported by the manufacturer.
  • "Vulnerability Control", through which we verify good management of published patches.
As for the solution provided by the company, on September 29, Microsoft published this vulnerability advisory along with two actions that could mitigate the risk and, later, on November 8, it expanded it by announcing a solution, which you can find here.
Among our clients we have only found two cases in which this vulnerability could affect them and they have already been warned, given that, if a possible breach of what has already been rated is detected, it could be the trigger to initiate a process of reopening a file that could ultimately lead to a modification of their cybersecurity rating.
This is why LEET Security's is The ultimate cybersecurity rating.

All you need is LEET

Suscribe to our newsletter here