Subnostr

Summary:

- Four zero-day vulnerabilities have been identified in Microsoft Exchange, allowing attackers to execute arbitrary code.

- The vulnerabilities have not been assigned CVEs and have severities ranging from 7.1 to 7.5.

- Microsoft has not released patches to fix these vulnerabilities yet.

- The vulnerabilities involve server-side request forgery and the deserialization of untrusted data.

- Microsoft stated that the vulnerabilities were not severe enough to be immediately patched but will be evaluated for future updates.

- The vulnerabilities were discovered by Piotr Bazydlo of the Trend Micro Zero Day Initiative.

Hashtags:

#MicrosoftExchange #ZeroDayVulnerabilities #CyberSecurity #ServerSideRequestForgery #RemoteCodeExecution #DataBreaches #PiotrBazydlo #TrendMicroZDI