Security News > 2021 > March > Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Microsoft Corp. today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products.
The patches released today fix security problems in Microsoft Exchange Server 2013, 2016 and 2019.
Microsoft says the flaws are being used by a previously unknown Chinese espionage group that's been dubbed "Hafnium," which is known to launch its attacks using hosting companies based in the United States.
According to Microsoft, Hafnium attackers have been observed combining all four zero-day flaws to target organizations running vulnerable Exchange Server products.
The attackers used CVE-2021-26857 to run code of their choice under the "System" account on a targeted Exchange server.
Microsoft technical advisory on the four Exchange Server flaws.
News URL
Related news
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Week-long Exchange Online outage causes email failures, delays (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Hijacked Microsoft web domain injects spam into SharePoint servers (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-03 | CVE-2021-26857 | Deserialization of Untrusted Data vulnerability in Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability | 0.0 |