Lucene search

K
msrcMicrosoft Security Response CenterMSRC:644966B4D83B650C284EC9D93664582D
HistorySep 30, 2022 - 7:00 a.m.

Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server

2022-09-3007:00:00
Microsoft Security Response Center
link
23
customer guidance
zero-day vulnerabilities
security updates
cve-2022-41040
cve-2022-41082
microsoft exchange server
mitigations
organization protection
exchange team blog

EPSS

0.952

Percentile

99.4%

November 8, 2022 update - Microsoft released security updates for CVE-2022-41040 and CVE-2022-41082. We recommend that customers protect their organizations by applying the updates immediately to affected systems. The options described in the Mitigations section are no longer recommended. For more information, review the Exchange Team blog. Summary Summary On November 8 Microsoft released security updates for two zero-day vulnerabilities affecting Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019.