Multiple Zero-Day Flaws and Vulnerabilities Uncovered in Microsoft Exchange and SketchUp Support

November 3, 2023 at 11:11 PM

•

1 min read

Multiple Zero-Day Flaws and Vulnerabilities Uncovered in Microsoft Exchange and SketchUp Support — Photo: Security Affairs

TL;DR Summary

The Zero Day Initiative (ZDI) has disclosed four zero-day vulnerabilities in Microsoft Exchange that can be exploited remotely by authenticated attackers to execute arbitrary code or disclose sensitive information. Despite being notified by ZDI, Microsoft has not yet fixed the vulnerabilities. The flaws include deserialization issues and server-side request forgery vulnerabilities.

Topics:technology #cybersecurity #information-disclosure #microsoft-exchange #remote-code-execution #responsible-disclosure #zero-day-vulnerabilities

Share this article

ZDI discloses four zero-day flaws in Microsoft Exchange Security Affairs
New Microsoft Exchange zero-days allow RCE, data theft attacks BleepingComputer
Microsoft Temporarily Disables SketchUp Support After Discovery of 117 Vulnerabilities SecurityWeek
Zscaler finds 117 Microsoft 365 bugs via SketchUp 3D file type TechTarget

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

88%

431 → 51 words

Want the full story? Read the original article

Read on Security Affairs

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights