Critical Exchange Server Zero‑Day Exploited in the Wild – Patch Now

Microsoft disclosed a critical zero‑day vulnerability (CVE‑2024‑XXXXX) in on‑premises Exchange Server that permits unauthenticated attackers to execute arbitrary code. Exploitation chains observed in the wild use specially crafted HTTP requests to trigger the flaw and drop custom web shells, giving threat actors persistent control over the compromised mail server.

The bug is being actively leveraged, with web shells seen in multiple regions shortly after the advisory’s release. Defenders must apply Microsoft’s emergency patches immediately, audit Exchange logs for suspicious web‑shell activity, and deploy the provided detection signatures. Failure to remediate leaves organizations exposed to credential theft, data exfiltration, and lateral movement across the network.

Categories: Vulnerabilities & Exploits, Threat Intelligence

Source: Read original article