March 4, 2021

Urgent Microsoft Exchange Vulnerability

Urgent Microsoft Exchange Vulnerability

Microsoft acknowledged on Tuesday 3/2/2021 that there was a series of significant Zero-Day vulnerabilities related to Microsoft Exchange servers and has released an emergency patch that should be applied immediately to mitigate the risks to all organizations. The vulnerability affects on-premise Microsoft Exchange Server 2013, Microsoft Exchange Server 2016, and Microsoft Exchange Server 2019. If you have any of these in your environment, you should apply the emergency patch immediately according to Microsoft. In addition the Department of Homeland Security has issued a directive to any government agencies to patch and update immediately.

Where is the threat coming from?

At this point in time, Microsoft has identified the group – Hafnium as responsible for the threat and attack. It is believed that Hafnium is a state-sponsored threat actor based out of China.

How is it spread?

It is believed the threat is spread through 4 separate vulnerabilities in Microsoft Exchange Server. If a server has open connectivity to the Internet through port 443, which is very common, the attackers can take advantage of the vulnerability to gain access to email and data to exfiltrate the information.

How serious is the threat?

The threat is extremely serious in that it allows the attacker to not only get access to the data but also execute commands on the affected servers and related network. The most significant issue is that most if not all security is not able to detect and prevent this threat as of yet. Some cybersecurity firms have estimated that over 25% of the systems they have investigated have been affected by the vulnerability.

How do you protect your environment?

It is advised to immediately download and apply the recommended emergency patches from Microsoft. More information on this particular vulnerability can be found on the Microsoft blog located at –

https://blogs.microsoft.com/on-the-issues/2021/03/02/new-nation-state-cyberattacks/

If you have any questions or need assistance applying these emergency patches –

please call us at 417-334-0494

Our Past Posts

You’ve heard of Copilot… but what is it?

You’ve heard of Copilot… but what is it?

November 30, 2023 No Comments

You might have heard about Microsoft Copilot, but what is it? And will it really make a difference to your workday or business? We explain it all here.

SHOCK STAT: A third of business owners don’t trust their staff

SHOCK STAT: A third of business owners don’t trust their staff

November 23, 2023 No Comments

Do you trust your employees with sensitive business data? You might be shocked to learn how many business owners don’t. But why… ? We have the answers.

It’s time to say goodbye to traditional passwords

It’s time to say goodbye to traditional passwords

November 16, 2023 No Comments

Passwords could soon be a thing of the past, thanks to Passkeys. If you hate passwords, our latest tech update will make your day…

Are you using the all-new Teams yet?

Are you using the all-new Teams yet?

November 9, 2023 No Comments

Tired of waiting for Teams to load? Microsoft has heard your frustration and has rebuilt it from the ground up. The all-new Teams is faster and uses less memory; we give you all the details

Never mind “can’t teach an old dog new tricks”…

Never mind “can’t teach an old dog new tricks”…

November 2, 2023 No Comments

They say you can’t teach an old dog new tricks, but what happens when it’s a young pup that needs training? New research on people under 40 has revealed a scary attitude towards cyber security. We tell you more here.

Are you ready for Windows 11 to get even better?

October 12, 2023 No Comments

Windows 11 has already boosted our productivity and saved us time, but it hasn’t finished improving our working lives just yet. We have all the details.