PulseAugur
实时 13:25:53
English(EN) Microsoft Exchange Zero-Day Hack Confirmed—3 Vulnerabilities Exploited

Microsoft Exchange Server 遭到活跃的零日漏洞利用

微软已确认其本地部署的 Exchange Server 遭到活跃的零日漏洞利用,该漏洞被标识为 CVE-2026-42897。根据美国网络安全和基础设施安全局 (CISA) 的说法,此漏洞允许未经身份验证的远程代码执行,并且目前已被野外活跃利用。微软建议通过其 Exchange 紧急缓解服务 (Exchange Emergency Mitigation Service) 进行立即缓解,同时等待正式补丁发布。此漏洞在 Pwn2Own Berlin 黑客大赛上得到演示,对企业身份和通信系统构成了重大风险。 AI

影响 此漏洞利用针对企业通信基础设施,可能影响业务运营和数据安全,但未直接涉及 AI 功能。

排序理由 该集群报告了一个广泛使用的企业产品中已确认的活跃零日漏洞利用,具有即时的安全影响和供应商推荐的紧急缓解措施。[lever_c_demoted from significant: ic=4 ai=0.4]

在 Forbes — Innovation 阅读 →

AI 生成摘要 · Google Gemini · 来自 4 个来源。 我们如何撰写摘要 →

Microsoft Exchange Server 遭到活跃的零日漏洞利用

报道来源 [4]

  1. Forbes — Innovation TIER_1 English(EN) · Davey Winder, Senior Contributor ·

    微软确认存在0-Day漏洞利用—立即检查紧急缓解措施

    Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

  2. Forbes — Innovation TIER_1 English(EN) · Davey Winder, Senior Contributor ·

    微软确认存在0-Day在用漏洞—检查紧急缓解措施

    Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

  3. Forbes — Innovation TIER_1 English(EN) · Davey Winder, Senior Contributor ·

    Microsoft Exchange 0-Day 漏洞利用—立即启用紧急缓解措施

    Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

  4. Forbes — Innovation TIER_1 English(EN) · Davey Winder, Senior Contributor ·

    微软 Exchange 零日漏洞遭攻击——3个漏洞已被利用

    Microsoft Exchange has now joined Windows 11 as Pwn2Own zero-day hackers continue to successfully attack the tech giant’s products.