Microsoft Exchange server vulnerabilities
On the 5th of January 2021 an exploit was reported on Microsoft Exchange Server, and on the 6th of January 2021 the first breach was observed. But nobody really knew anything about it.
“The attacker was detected by a group on the 5th of January and also by another group on the 6th of January and then Microsoft acknowledged the problem immediately” (Bruce Schneier, 2021).
What is the Microsoft Exchange Server zero-day vulnerability?
A zero-day attack is a software-related attack that makes use of a weakness the developer did not know about. The name "zero-day" comes from the number of days the developer has known about the problem. The solution is to secure the software with a fix, which is known as a software patch.
Who has taken advantage of these vulnerabilities?
Microsoft has alleged that the associated attacks are the work of "Hafnium". Hafnium is a state-sponsored advanced persistent threat (APT) group from China. This group has been described and labelled as "highly skilled and sophisticated".
The patches to prevent this were released on the 2nd of March 2021, and Microsoft has urged organisations to apply them as soon as possible to keep confidential data on their Exchange servers safe.
Here is the most important question after reading all about this flaw.
Is Microsoft Exchange Server safe?
If you do nothing, then it is not safe. Follow the guidance from the National Cyber Security Centre ("Microsoft vulnerabilities exploitation – updated advice", NCSC.GOV.UK) or get help from Octagon Technology.
Clive Catton MSc (Cyber Security)
References
Bruce Schneier, 2021. "More on the Chinese Zero-Day Microsoft Exchange Hack". Schneier on Security.