Multiple vulnerabilities in Microsoft Server Software

Description

Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A spoofing vulnerability in Microsoft Exchange Server can be exploited remotely to spoof user interface.
2. A remote code execution vulnerability in Microsoft Exchange Server can be exploited remotely to execute arbitrary code.

Original advisories

• CVE-2022-24463

• CVE-2022-23277

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Exchange-Server

CVE list

• CVE-2022-24463
  high
• CVE-2022-23277
  critical

KB list

• 5012698
• 5010324

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com