Microsoft Exchange Server Zero-day Temporary Mitigation Can Be Bypassed, Security Researchers Say

Threat actors have been abusing two Microsoft Exchange zero-days in order to breach its servers and remotely execute the malicious code. Microsoft has suggested the mitigation for the attacks, however, according to security researchers, the solution isn't enough for the on-premise servers and can be bypassed without much effort. One of the issues with Microsoft's mitigation is it being "unnecessarily precise, and therefore insufficient." Read more...