Blocking Exchange CVE-2022-41040 Attacks via HAProxy

If you’re using Microsoft Exchange on-premise and you want to protect your setup against the recent CVE-2022-41040 and CVE-2022-41082 zero-day vulnerabilities, you can follow Microsoft’s instructions to set up a rewrite rule in IIS. If your Exchange setup is behind HAProxy, you can also block the requests at the proxy level. This is especially useful …

Blocking Exchange CVE-2022-41040 Attacks via HAProxy Read More »