
Microsoft Releases Additional Updates To Help Customers Protect Against Exchange Server Vulnerabilities

Microsoft has released an additional series of updates to help customers more quickly protect their environments as estimated victim count surges.

March 9, 2021 Zachary Comeau

Microsoft has released an additional series of updates to help customers more quickly protect their environments in light of the Microsoft Exchange Server vulnerability that has affected thousands of customers.

According to Microsoft, the new updates can be applied to some older and supported Cumulative Updates, but are intended only as a temporary measure to help IT and security personnel protect vulnerable machines now.

Customers should still update to the latest supported CU and then apply the applicable SUs, the company said in a Tech Community blog post.

The new update packages contain only fixes for the set of four vulnerabilities detailed by Microsoft, Volexity and other IT companies. The vulnerabilities appear to have been exploited by a sophisticated hacking group out of China, and tens of thousands of customers could be at risk of compromise.

The group, which Microsoft calls Hafnium, has been exploiting a previously unknown vulnerability in Exchange Server software. Microsoft’s security experts say the attacks target on-premises versions of Microsoft Exchange Server, enabling access to email accounts and allowing installation of additional malware to facilitate long-term access to victim environments.

Hafnium first gains access to an Exchange Server either with stolen passwords or by using the vulnerabilities to disguise itself as a legitimate user. Then, the group creates web shells to control the compromised server remotely and uses that remote access from U.S.-based private servers to steal data.

The company also released a feed of observed indicators of compromise to help defenders as they investigate whether their IT environment was impacted. The feed of malware hashes and known malicious file paths observed in related attacks is available in both JSON and CSV formats on GitHub, the company says.

This comes as U.S. agencies like the Cybersecurity and Infrastructure Agency (CISA) step up their response to the attacks.

In a Monday tweet, CISA urged all organizations across all sectors to download Microsoft’s update to patch the vulnerability.

CISA urges ALL organizations across ALL sectors to follow guidance to address the widespread domestic and international exploitation of Microsoft Exchange Server product vulnerabilities; see CISA’s newly released web page for details. https://t.co/VwYqAKKUt6. #Cyber #InfoSec

— US-CERT (@USCERT_gov) March 9, 2021

Former CISA director Chris Krebs tweeted that the real victim numbers could dwarf what has been reported.

“This is a crazy huge hack,” Krebs tweeted.

This is a crazy huge hack. The numbers I’ve heard dwarf what’s reported here & by my brother from another mother (@briankrebs). Why, though? Is this a flex in the early days of the Biden admin to test their resolve? Is it an out of control cybercrime gang? Contractors gone wild? pic.twitter.com/cA4lkS4stg

— Chris Krebs (@C_C_Krebs) March 6, 2021

Cybersecurity researcher and journalist Brian Krebs (no relation to the former CISA director) reported last week that the number of victims could be around 30,000. Check out his recent blog post for a detailed timeline of the attacks, including how long Microsoft has known about the vulnerabilities, which was since early January.
