Microsoft announce Zero-Day Vulnerabilities
Released On 2nd Oct 2022
Over the weekend, Microsoft confirmed two unpatched Exchange Sever zero-day vulnerabilities are being exploited by cybercriminals in real-world attacks, affecting Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019.
While Microsoft has not yet released an official patch, mitigation procedures have been performed over the weekend on all affected servers. We will contact all affected customers once a patch has been released.
Please not that any customers hosted in Microsoft 365 are not affected.