Security News > 2021 > March > Four Microsoft Exchange Zero-Days Exploited by China

Four Microsoft Exchange Zero-Days Exploited by China

2021-03-04 19:03

Microsoft has issued an emergency Microsoft Exchange patch to fix four zero-day vulnerabilities currently being exploited by China. EDITED TO ADD (3/12): Exchange Online is not affected.

News URL

https://www.schneier.com/blog/archives/2021/03/four-microsoft-exchange-zero-days-exploited-by-china.html

#china #exchange #microsoft #zeroday

Related news

Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) (source)
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) (source)
Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
Microsoft pulls Exchange security updates over mail delivery issues (source)
Microsoft launches Zero Day Quest hacking event with $4 million in rewards (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		480	75	2308	5128	264	7775

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.