Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities

Oct 8, 2022 06:00 am Cyber Security 240
Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities

Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server.


To that end, the tech giant has revised the blocking rule in IIS Manager from ".*autodiscover.json.*Powershell.*" to "(?=.*autodiscover.json)(?=.*powershell)."





The list of updated steps to add the URL Rewrite rule is below -


  • Open IIS Manager

  • Select Default Web Site

  • In the Feature View, click URL Rewrite

  • In the Actions pane on the right-hand side, click Add Rule(s)…

  • Select Request Blocking and click OK

  • Add the string "(?=.*autodiscover.json)(?=.*powershell)" (excluding quotes)

  • Select Regular Expression under Using

  • Select Abort Request under How to block and then click OK

  • Expand the rule and select the rule with the pattern: (?=.*autodiscover.json)(?=.*powershell) and click Edit under Conditions

  • Change the Condition input from {URL} to {UrlDecode:{REQUEST_URI}} and then click OK

    • Alternatively, users can achieve the desired protections by executing a PowerShell-based Exchange On-premises Mitigation Tool (EOMTv2.ps1), wh ..

    Support the originator by clicking the read the rest link below.

    microsoft issues improved mitigations unpatched exchange server vulnerabilities
    Read The Rest from the original source
    thehackernews.com

    Related News

    Be in Touch

    All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
    Powered By The Internet!!!!