Microsoft Exchange Vulnerability - March 2021
Updated: Mar 22
In essence, this was an successful zero-day exploit by a cyber espionage group that Microsoft has publicly identified known as HAFNIUM that's affecting on-premise Exchange servers globally. Currently, information about the group is limited to what Microsoft has stated regarding the situation.
Why Does This Matter?
E-mail is one of the few backbone components in running a successful business. It's one of the many communication methods that our society uses everyday. This zero-day attack is a vulnerability that compromises the integrity of the e-mail messaging system and can majorly affect your business.
Mail servers store all those e-mails in a place where your computer can retrieve it from using your authorized credentials. It's akin to the post office. Beginning in early January, four of these exploits were found, giving attackers full access to e-mails/passwords, admin rights on the servers, and to connected devices in the network.
Typically with these kinds of threats, they will install additional vulnerabilities that will continue to let nefarious actors into the network even if a patch update is provided, which Microsoft had done in the first week of March.
Am I Safe?
This exploit takes advantage of Microsoft Exchange servers that are on-premise for your business. In other words, if you're hosting and managing that yourself, then yes, there is cause for concern.
The most common targets of the vulnerabilities are small businesses and non-profit organizations that lack the same funding and resources a large corporation may have to invest in data protection systems.
DMDS partners with industry leaders in email hosting, protection and compliance. Our systems were patched immediately to be protected from the initial threat and are being proactively monitored for issues. Click here for current status.
If you're looking for more details, we recommend that you watch this video - Hak5 - ME Zero Days