Microsoft Exchange Security Flaws Could Put User's Data At Risk
Microsoft Exchange has quite a storied history of security vulnerabilities and breaches given its widespread usage in the corporate world. While there has not been much news regarding Exchange for a while, the Zero Day Initiative has found four vulnerabilities that, while not absolutely critical, could still pose a risk for opportunistic threat actors going after an organization.
A few days ago, the Zero Day Initiative disclosed four vulnerabilities in Microsoft Exchange. These vulnerabilities, outlined below, were initially disclosed to Microsoft on September 7th and 8th. However, Microsoft reportedly didn't respond immediately, despite the potential of privilege escalation, sensitive information disclosure, or code execution.
- ZDI-23-1578 – A flaw within the ChainedSerializationBinder class with respect to improper user-supplied data validation could lead to code execution as SYSTEM.
- ZDI-23-1579 – A flaw within the DownloadDataFromUri method could allow an attacker to disclose sensitive information.
- ZDI-23-1580 – A flaw within the DownloadDataFromOfficeMarketPlace could allow an attacker to disclose sensitive information.
- ZDI-23-1581 – A flaw within the CreateAttachmentFromUri method could allow an attacker to disclose sensitive information.
While this isn’t an excuse to ignore the vulnerabilities, they are not calamitous issues either. However, it does give the opportunity to review security best practices and ensure that your Exchange servers are up to date with the latest patches and are locked down to the point where these flaws are not going to be a problem.