{"id":48029,"date":"2026-06-15T10:30:41","date_gmt":"2026-06-15T03:30:41","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=48029"},"modified":"2026-06-18T10:31:18","modified_gmt":"2026-06-18T03:31:18","slug":"microsoft-canh-bao-lo-hong-exchange-server-dang-bi-khai-thac-qua-email","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/microsoft-canh-bao-lo-hong-exchange-server-dang-bi-khai-thac-qua-email\/","title":{"rendered":"Microsoft warns of an Exchange Server vulnerability being exploited via email"},"content":{"rendered":"<div><b>Microsoft has just warned of a zero-day vulnerability in Exchange Server that is being exploited in the wild. The flaw, tracked as CVE-2026-42897, allows attackers to execute JavaScript code in the user's session through a specially crafted email, opening the door to credential theft and mailbox takeover.<\/b><\/div>\n<div><img loading=\"lazy\" decoding=\"async\" class=\"bbImage\" title=\"Microsoft Exchange.png\" src=\"https:\/\/whitehat.vn\/attachments\/microsoft-exchange-png.19153\/\" alt=\"Microsoft Exchange.png\" width=\"700\" height=\"390\" \/><\/div>\n<div>\n<p>According to Microsoft, the vulnerability lies in Outlook Web Access (OWA), the web interface that lets users access Exchange mailboxes through a browser. The root cause is input data that is not properly handled and neutralized when web page content is generated, enabling cross-site scripting (XSS) attacks.<\/p>\n<p>The attacker needs neither authentication nor prior access to the target system. Sending a specially crafted email and getting the victim to open it through OWA is enough for attacker-controlled JavaScript to execute in the user's current logged-in session. After successful exploitation, the attacker can steal credentials, hijack the session, forge emails, or perform actions on the victim's behalf.<\/p>\n<p>Microsoft says attacks exploiting CVE-2026-42897 have been observed in the wild, placing the vulnerability in the category requiring urgent remediation. With a CVSS score of 8.1, CVE-2026-42897 affects all update levels of Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition (SE). The Exchange Online service in Microsoft 365 is currently not within the scope of impact.<\/p>\n<p>Unlike many email-borne attack campaigns that rely on malicious links or attachments, CVE-2026-42897 directly abuses the way OWA processes and renders email content. When the victim opens the specially crafted email, the attacker's JavaScript can run immediately in the logged-in browser session. This technique lets the malicious code blend into ordinary email activity, increasing the risk that it is missed by traditional detection mechanisms.<\/p>\n<p>Given that the vulnerability has already been exploited in the wild, Microsoft has activated emergency protection through the Exchange Emergency Mitigation Service (EM Service) on supported Exchange systems. This service can automatically deploy mitigations without requiring immediate administrator intervention, narrowing the attack window while the official patch is being installed. For environments without Internet connectivity or operating on isolated internal networks, Microsoft provides the Exchange On-Premises Mitigation Tool (EOMT) so administrators can proactively apply the protections on each server.<\/p>\n<p>The company has also released an official security patch in its June 2026 update cycle for supported Exchange versions. Microsoft recommends that organizations install the patch as soon as possible and keep the existing mitigations in place as an additional layer of protection. Microsoft notes that some OWA features may be affected after the mitigations are applied, including inline image display, calendar printing, and some calendar-related functions. These limitations are expected to be lifted once systems are fully updated with the latest patch.<\/p>\n<p>The exploitation of an Exchange Server vulnerability as a zero-day shows that mail servers remain a high-value target for cyber attack groups. Organizations running Exchange Server should urgently review their systems, deploy the patch, and monitor for anomalies to reduce the risk of compromise.<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft has just warned of a zero-day vulnerability in Exchange Server that is being exploited in the wild. The flaw, tracked as CVE-2026-42897, allows attackers to execute JavaScript code in the user's session through a specially crafted email, opening the door to credential theft [&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":48030,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[3,24,35],"tags":[],"class_list":["post-48029","post","type-post","status-publish","format-standard","has-post-thumbnail","category-canh-bao-khuyen-nghi","category-tin-noi-bat","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/48029","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=48029"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/48029\/revisions"}],"predecessor-version":[{"id":48031,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/48029\/revisions\/48031"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/48030"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=48029"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=48029"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=48029"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}