Category Archives: Windows OS

Patching Exchange Server 2019 and 2016: October 2022 (KB5019077) – Elevation of Privilege Vulnerabilities

The Microsoft Exchange Server team has released a security update for On-Premises Exchange Servers. The October 2022 security updates are available for the following affected versions: I decided to create this blog post to summarize what this new security update solves and what the CVEs are. I will also explain how we can check whether our Exchange


Mitigating CVE-2022-41040 with Exchange On-premises Mitigation Tool v2

CVE-2022-41040 is an SSRF vulnerability that recently came out and impacts On-Premises Exchange servers. CVE-2022-41040 can enable an authenticated attacker to remotely trigger this exploit. However, authenticated access to the vulnerable Exchange Server is necessary to successfully exploit this. At the time of writing this blog post, Microsoft had shared temporary mitigation guidance that can be applied to harden Exchange


Why are Windows Defender AV logs so important and how to monitor them with Azure Sentinel?

Today we are going to talk about our good old friend, better known as Windows Defender AV, not to be confused with the EDR solution called “Defender for Endpoint”. Windows Defender is the traditional out-of-the-box antivirus for a Windows machine. In this blog post, we are going to explain why it is relevant to keep an
