Fixed: Two Critical Microsoft Exchange Zero-Day Vulnerabilities

Recently, Microsoft released security updates for two zero-day vulnerabilities affecting Microsoft Exchange Server. You can also apply some temporary mitigations for these vulnerabilities. Read on to learn more.


By Yuka Updated on November 15, 2022


Microsoft Exchange Server Overview


Microsoft Exchange Server is a mail server and calendar server developed by Microsoft. It runs exclusively on the Windows Server operating system. The first version was called Exchange Server 4.0. Exchange initially used the X.400 directory service, but later switched to Active Directory. Prior to version 5.0, it was bundled with an email client called Microsoft Exchange Client. This client has been discontinued in favor of Microsoft Outlook.

The Exchange server primarily used a proprietary protocol called MAPI to talk to email clients, but later added support for POP3, IMAP, and EAS. The standard SMTP protocol is used to communicate with other Internet mail servers.

Two Critical Exchange Zero-Day Vulnerabilities

Of the 69 Windows vulnerabilities fixed by Microsoft on Nov. 8, 11 are rated "critical" and three of them have been exploited by attackers. Microsoft issued security updates for two zero-day vulnerabilities affecting Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019. The first was identified as CVE-2022-41040 and the second was identified as CVE-2022-41082.

💢 CVE-2022-41040: This Microsoft Exchange Server privilege elevation vulnerability allows an authenticated attacker to run PowerShell commands on the system.
💢 CVE-2022-41082: This Microsoft Exchange Server remote code execution vulnerability allows an authenticated attacker to trigger malicious code in the context of a server account via a network call.


These two vulnerabilities are collectively known as ProxyNotShell and have been exploited in the wild. Since September 2022, attackers have been chaining the two vulnerabilities to deploy the China Chopper web shell on compromised servers for persistence and data theft, as well as for lateral movement within the victim's network.

Microsoft Fixes ProxyNotShell Exchange Zero-Days Exploited in Attacks

Microsoft confirmed that the two Microsoft Exchange Server zero-day vulnerabilities were actively abused in the Sept. 30 attack, saying it was "aware of a limited targeted attack that exploited both vulnerabilities to gain access to user systems."

Microsoft said it was monitoring its already deployed detections for malicious activity and would take the necessary response actions to protect customers. Pending the release of the patch, some users applied temporary mitigations for these two Exchange zero-day vulnerabilities. You can now go directly to Microsoft's website to download the November 2022 Patch Tuesday updates to fix these two critical issues.

Back Up Windows Server System to Protect Data or System

Hopefully, the November patch released by Microsoft will thoroughly help you fix the known bugs. But there will be hackers who will continue to work on how to exploit the newly reported vulnerabilities in the future, and different security holes will emerge.

A best practice is to regularly back up your system and important data. Every user will inevitably encounter problems related to Windows updates, resulting in unbootable systems, application and hardware compatibility issues, and even in extreme cases, data loss.

Here is a reliable third-party backup software for you: AOMEI Backupper Server, which is designed for all Windows Server and Windows PC users, including Windows Server 2003, 2008, 2011, 2012, 2016, 2019, 2022 (including R2) and Windows 11/10/8.1/8/7/Vista/XP.

🔹 It provides four types of backups: System/Disk/Partition/File backups, which can meet your different needs.
🔸 It allows you to set an automatic backup schedule. You can set daily/weekly/monthly/event triggers.
🔹 It provides you with 3 backup methods. It allows you to do full/incremental/differential backups for scheduled tasks according to your needs. The latter two methods can help you back up only changed files and save space on the target disk.
🔸 It supports backup to multiple destinations. You can use it to store data to cloud drive, external hard drive, internal drive, NAS, CD/DVD, USB, etc.
🔹 It supports file system NTFS, FAT32, FAT16, EXT2, EXT3; disk style and type MBR, GPT, UEFI and dynamic disk.

You can follow the steps below to back up your Windows Server system in advance. If you encounter other critical vulnerabilities in the future, you can use this backup to easily restore your system to its previous working state.

  1. Download the 30-day free trial, then install and launch the server backup tool. Click Backup and select System Backup.


  2. The program will automatically select the partition associated with the boot system for system backup. You can name the task to distinguish it from other backup tasks. Then click on the box below to select the backup destination.


  3. Confirm the operation and click Start Backup to perform the backup.


Final Words

No one wants to encounter these Exchange zero-day vulnerabilities, which can seriously affect your Exchange Server experience. In severe cases, they may also cause damage to your system or data loss. Therefore, it is recommended that you apply the updates for CVE-2022-41040 and CVE-2022-41082 to your Exchange Server as soon as possible after the update patch is released.

That's why it's extra important to get into the habit of backing up regularly. It is well known that Microsoft always has different types of vulnerabilities and then it takes a long time to fix them. If you make a backup of your system in advance, you can use this backup to restore your computer to its previous state without these vulnerabilities when you encounter them.

This powerful software will not only help you back up your system; you can also use it to create bootable media. When you encounter any problem that prevents your computer from booting properly, you can perform a system restore with its help.

Yuka · Editor
Yuka, our dedicated editor at AOMEI Technology, is committed to bringing you valuable insights and guidance in data protection. Her mission is to empower everyone with her knowledge in computer backup and recovery, disk cloning, file synchronization, and more. Yuka's goal is to do her best to make complex tech tasks simple and ensure that your digital world remains safe and secure.