EXCHANGE: Urgent: Critical 0 day targeting exchange 2010+

Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.

Read more: HAFNIUM targeting Exchange Servers with 0-day exploits – Microsoft Security

Important!

READ THIS BEFORE YOU START YOUR DAY

Exchange On Prem 0 day for all versions 2010+. Exchange Online not vulnerable, but even a single on prem box means a customer could be at risk.

March 2, 20212 – Exchange Out of Band Release – Multiple Security Updates Released for Exchange Server – HAFNIUM targeting Exchange Servers with 0-day exploits

Exchange Team Blog:
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2021-exchange-server-security-updates/ba-p/2175901

MSRC blog:
https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server

MSTIC blog:
https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

Microsoft on the Issues
https://blogs.microsoft.com/on-the-issues/?p=64505

March 2, 2021 Security Update Release
March 2, 2021 Security Update Release – Release Notes – Security Update Guide – Microsoft

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close