The April 2025 Security Update Review

April 08, 2025 | Dustin Childs CONTINUE READING
Exploiting Exchange PowerShell After ProxyNotShell: Part 4 – No Argument Constructor
Blog post

Exploiting Exchange PowerShell After ProxyNotShell: Part 4 – No Argument Constructor

Exploiting Exchange PowerShell After ProxyNotShell: Part 3 – DLL Loading Chain for RCE
Blog post

Exploiting Exchange PowerShell After ProxyNotShell: Part 3 – DLL Loading Chain for RCE

Exploiting Exchange PowerShell After ProxyNotShell: Part 2 - ApprovedApplicationCollection
Blog post

Exploiting Exchange PowerShell After ProxyNotShell: Part 2 - ApprovedApplicationCollection

Exploiting Exchange PowerShell After ProxyNotShell: Part 1 - MultiValuedProperty
Blog post

Exploiting Exchange PowerShell After ProxyNotShell: Part 1 - MultiValuedProperty

Unpatched Powerful SSRF in Exchange OWA – Getting Response Through Attachments
Blog post

Unpatched Powerful SSRF in Exchange OWA – Getting Response Through Attachments

Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
Blog post

Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend

The Top 5 Bugs Submitted in 2021
Blog post

The Top 5 Bugs Submitted in 2021

ProxyToken: An Authentication Bypass in Microsoft Exchange Server
Blog post

ProxyToken: An Authentication Bypass in Microsoft Exchange Server

From Pwn2Own 2021: A New Attack Surface on Microsoft Exchange - ProxyShell!
Blog post

From Pwn2Own 2021: A New Attack Surface on Microsoft Exchange - ProxyShell!

CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server Through Fixed Cryptographic Keys
Blog post

CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server Through Fixed Cryptographic Keys