Microsoft Urges Customers to Patch Exchange Server “Zero Day” Vulnerabilities

Robinson+Cole Data Privacy + Security Insider
Contact

In a rare sharing of information about vulnerabilities in a blog post, Microsoft this week urged customers to download software patches to Microsoft Exchange Server after it detected “multiple 0—Day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks.”

According to Microsoft’s Threat Intelligence Center, “[W]e are sharing this information with our customers and the security community to emphasize the critical nature of these vulnerabilities and the importance of patching all affected systems immediately.” In the attacks Microsoft has observed, “the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments.”

According to the blog post, the vulnerabilities being exploited were from state-sponsored actors operating out of China.

The vulnerabilities being exploited were CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065. Microsoft issued a patch, which can be accessed here.

MICROSOFT STRONGLY URGES CUSTOMERS TO UPDATE ON-PREMISES SYSTEMS IMMEDIATELY.

The post includes information on the threat actor, HAFNIUM, which has been behind numerous malicious exploits against “infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.”

The vulnerabilities detected by Microsoft affect Microsoft Exchange Server 2013, 2016, and 2019. If your company is running any of these versions, please consult Microsoft’s instructions on patching.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson+Cole Data Privacy + Security Insider | Attorney Advertising

Written by:

Robinson+Cole Data Privacy + Security Insider
Contact
more
less

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.