Security News > 2021 > March > Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails
Microsoft Corp. today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products.
The patches released today fix security problems in Microsoft Exchange Server 2013, 2016 and 2019.
Microsoft says the flaws are being used by a previously unknown Chinese espionage group that's been dubbed "Hafnium," which is known to launch its attacks using hosting companies based in the United States.
According to Microsoft, Hafnium attackers have been observed combining all four zero-day flaws to target organizations running vulnerable Exchange Server products.
The attackers used CVE-2021-26857 to run code of their choice under the "System" account on a targeted Exchange server.
Microsoft technical advisory on the four Exchange Server flaws.
News URL
Related news
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Microsoft shares temp fix for Outlook crashing when writing emails (source)
- Microsoft fixes Windows Server 2022 bug breaking device boot (source)
- Microsoft: Exchange 2016 and 2019 reach end of support in October (source)
- Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch (source)
- One of Salt Typhoon's favorite flaws still wide open on 91% of at-risk Exchange Servers (source)
- The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-03 | CVE-2021-26857 | Deserialization of Untrusted Data vulnerability in Microsoft Exchange Server Microsoft Exchange Server Remote Code Execution Vulnerability | 0.0 |