Exchange Zero days are very common these days and there is a freshly baked one today (30th September 2022 as of writing). If you want to know what how the vulnerabilities work, take a look at the reference at the bottom. As a sysadmin I care about securing my systems.
Here are a few steps to mitigate this zero day vulnerability:
In IIS Manager on the Exchange Server, select the Autodiscover virtual directory and open URL Rewrite and add a new rule.
Select Request Blocking
Enter the string
.*autodiscover\.json.*\@.*Powershell.*
Using should be changed to Regular Expression.
Change URL to REQUEST_URI and save the changes.
References:
Reading time: 1 min