Mitigation for ProxyNotShell Exchange Vulnerabilities Easily Bypassed

mitigation-for-proxynotshell-exchange-vulnerabilities-easily-bypassed

A mitigation proposed by Microsoft and others for the new Exchange Server zero-day vulnerabilities named ProxyNotShell can be easily bypassed, researchers warn.

The security holes, officially tracked as CVE-2022-41040 and CVE-2022-41082, can allow an attacker to remotely execute arbitrary code with elevated privileges.

read more