Several Microsoft Exchange Zero-days Found, Allowing RCE And Data Stealing

Four zero-day vulnerabilities in Microsoft Exchange have been revealed, allowing remote attackers to execute arbitrary code and access sensitive data. Trend Micro's Zero Day Initiative disclosed these vulnerabilities to Microsoft on September 7th and 8th, 2023. Despite Microsoft's acknowledgment, they deemed the flaws not critical for immediate action, delaying fixes. In response, ZDI independently published the vulnerabilities to alert Exchange administrators about the security threats. Read more...