Patrick Schmidt

 "CrowdStrike identified a new #exploit method called #OWASSRF, consisting of CVE-2022-41080 (Privilege Elevation) and CVE-2022-41082 to achieve Remote Code Execution on an #Exchange server through the OWA endpoint. [...]
Make sure that all on-premises Exchange servers receive the November 8th (KB5019758) patch. If you are unable to apply this patch immediately, Northwave recommends to disable OWA."

#microsoft #Windows #security

https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations/

OWASSRF: CrowdStrike Identifies New Method for Bypassing ProxyNotShell Mitigations

Learn how CrowdStrike recently discovered a new exploit method using CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution (RCE) through Outlook Web Access.

crowdstrike.com
Dec 23, 2022 at 1:23pmWeb