The mitigation shared by Microsoft for the two recently disclosed Exchange zero-day vulnerabilities can be bypassed, expert warns.
Last week, Microsoft confirmed that two zero-day vulnerabilities in Microsoft Exchange recently disclosed by researchers at cybersecurity firm GTSC are being actively exploited in the wild.
The first flaw, tracked as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) issue. The second vulnerability, tracked as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to the attacker.
Successful exploitation of CVE-2022-41040 can allow an authenticated attacker to remotely trigger CVE-2022-41082.
“At this time, Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users’ systems. In these attacks, CVE-2022-41040 can enable an authenticated attacker to remotely trigger CVE-2022-41082. It should be noted that authenticated access to the vulnerable Exchange Server is necessary to successfully exploit either of the two vulnerabilities,” reads the advisory published by Microsoft.
Microsoft announced that it is working to accelerate the timeline to release a fix that addresses both issues. In the meantime, the company provided mitigations and detection guidance to help customers protect themselves from these attacks.
Microsoft states that Microsoft Exchange Online customers do not need to take any action. For on-premises Microsoft Exchange customers, it provided mitigations that are the same as those shared by GTSC.
“We are working on an accelerated timeline to release a fix. Until then, we’re providing the mitigations and detections guidance below to help customers protect themselves from these attacks,” Microsoft added.
Below is the step-by-step procedure provided by Microsoft to mitigate the risk of exploitation for the above issues:
- Open the IIS Manager.
- Expand the Default Web Site.
- Select Autodiscover.
- In the Feature View, click URL Rewrite.
- In the Actions pane on the right-hand side, click Add Rules.
- Select Request Blocking and click OK.
- Add String “.*autodiscover.json.*@.*Powershell.*” (excluding quotes) and click OK.
- Expand the rule and select the rule with the Pattern “.*autodiscover.json.*@.*Powershell.*” and click Edit under Conditions.
- Change the condition input from URL to REQUEST_URI.
Microsoft also recommends customers block the following Remote PowerShell ports:
- HTTP: 5985
- HTTPS: 5986
Microsoft also recommends Exchange Server customers disable remote PowerShell access for non-admin users in the organization.
Researchers at GTSC published a video PoC to demonstrate how to bypass the mitigation for the two vulnerabilities.
The popular CERT/CC vulnerability analyst Will Dormann also confirmed that the mitigation can be easily bypassed.
The researchers suggested using the pattern “.*autodiscover.json.*Powershell.*” instead of the URL block pattern shared by the IT giant.
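The following added example (not code from Microsoft, GTSC or the original article) audits a URL Rewrite configuration for the blocking rule described above. It flags a condition that still reads URL instead of REQUEST_URI, or that still uses the pattern requiring a literal "@". The web.config fragment, rule name, action type and request URIs are constructed for illustration, and case-insensitive matching is an assumption.

```python
import re
import xml.etree.ElementTree as ET

# The two patterns quoted in the article.
MS_PATTERN = r".*autodiscover.json.*@.*Powershell.*"
SUGGESTED_PATTERN = r".*autodiscover.json.*Powershell.*"

# Constructed web.config fragment (rule name and action are assumptions).
# It models a rule where the last step, switching the input to REQUEST_URI, was skipped.
SAMPLE_CONFIG = """<configuration><system.webServer><rewrite><rules>
  <rule name="RequestBlockingRule1" stopProcessing="true">
    <match url=".*" />
    <conditions>
      <add input="{URL}" pattern=".*autodiscover.json.*@.*Powershell.*" />
    </conditions>
    <action type="AbortRequest" />
  </rule>
</rules></rewrite></system.webServer></configuration>"""


def audit_rewrite_rules(config_xml):
    """Return (rule name, finding) pairs for Autodiscover blocking conditions."""
    findings = []
    for rule in ET.fromstring(config_xml).iter("rule"):
        name = rule.get("name", "<unnamed>")
        for cond in rule.iter("add"):
            pattern = cond.get("pattern", "")
            if "autodiscover" not in pattern.lower():
                continue  # not the mitigation rule
            if cond.get("input") != "{REQUEST_URI}":
                findings.append((name, "input is %s, expected {REQUEST_URI}" % cond.get("input")))
            if "@" in pattern:
                findings.append((name, "pattern requires a literal '@'"))
    return findings


def is_blocked(pattern, request_uri):
    # Assumption: matching is case-insensitive, as in a default URL Rewrite condition.
    return re.search(pattern, request_uri, re.IGNORECASE) is not None


if __name__ == "__main__":
    for name, finding in audit_rewrite_rules(SAMPLE_CONFIG):
        print(name, "->", finding)
    # Constructed request URIs, not captured traffic.
    for uri in ("/autodiscover/autodiscover.json?a=b@example.test/Powershell",
                "/autodiscover/autodiscover.json?a=b/Powershell"):
        print(uri, is_blocked(MS_PATTERN, uri), is_blocked(SUGGESTED_PATTERN, uri))
```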