Chinese Hackers caught exploiting new Exchange 0-day vulnerability
On Tuesday, March 2nd, Microsoft announced a new zero-day vulnerability affecting Exchange email servers. M365 Exchange Online is not affected. Microsoft quickly released out-of-band patches to address the vulnerability. Our NOC (Network Operations Center) immediately went into action, patching clients’ Exchange servers late into the evening.
For more information on the breaches, please see the following articles:
- Tech Community / MS Patch Response – Released: March 2021 Exchange Server Security Updates – Microsoft Tech Community
- MS Security Center Response – Multiple Security Updates Released for Exchange Server – Microsoft Security Response Center
Unfortunately, this information comes to light after the exploits have been observed in the wild by security researchers, as is often the case with these vulnerabilities. Our NOC has been examining systems looking for evidence of attack, and we believe that the attack is more widespread than Microsoft initially disclosed. We will be notifying any affected clients directly.
We have been advising clients with traditional Exchange servers to move to Microsoft 365-hosted Exchange Online for increased functionality, security, and cost savings.