CVE-2022-41040 Microsoft Exchange Server Elevation of Privilege Vulnerability.

A security researcher has reported a critical remote code execution vulnerability in Exchange Server, which could allow an attacker to hijack a login session of an affected user and gain full control of the affected system.

Exchange Server is an email messaging system that is widely used by large companies. This server is installed on the majority of email domains. It is a widely used server and is a component of the most widely used email system, Microsoft Exchange Server.

An attacker can exploit this vulnerability by sending an email with malicious content to an affected Exchange Server user. The user has to open this email on a mobile phone or on a computer that is connected to the Exchange Server through a network.

Once the user’s system is compromised, the attacker can send emails as that user to any system on the Exchange Server. These emails will appear to come from the user’s previous system.

This vulnerability affects versions of Exchange Server 2016, Exchange Server 2019, and Exchange Server 2013.

Microsoft has acknowledged this vulnerability and has released software updates. While researchers have confirmed that this vulnerability is being actively exploited in the wild, Microsoft has not reported any active attacks against this vulnerability at the time of writing this article.
* At the time of publishing this article, the status of this vulnerability was marked as “Critical”.

How to protect yourself from this vulnerability?

Install the latest version of Exchange Server

You can download it from the Microsoft website.

If you are using a mobile device, make sure to only access the Exchange Server using Wi-Fi networks.

Install and update all software on your computer as soon as possible.

Protect Exchange Server from malware attacks

This vulnerability allows an attacker to gain access to your system and take control of it. To protect the system from being exploited, you should install updates for Exchange Server.
Microsoft has released software updates that address this vulnerability on October 17th, 2019. You should apply these updates as soon as possible. If you have not yet applied Microsoft’s update for this vulnerability, please do so immediately.
If you are unsure about whether or not your organization is running an update for this vulnerability, please contact your IT department.
If you have already applied the update and are still seeing attacks against this vulnerability in the wild, you need to contact your security team to increase awareness of this exploit.

Install the latest software updates from Microsoft

Microsoft has released updates for Exchange Server 2016, Exchange Server 2019, and Exchange Server 2013 that address this vulnerability. These updates must be installed on all systems that are running one of these versions of the server or a later version of the server in order to protect them from an attack.
* As at the time of publishing this article, there was no known exploit for this vulnerability.

Update Exchange Server

To protect yourself from this vulnerability, you need to update Exchange Server. The software updates released by Microsoft provides protection for this vulnerability.

Timeline

Published on: 10/03/2022 01:15:00 UTC

References