Get Permission
Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server, one of the most widely used pieces of enterprise infrastructure.
The company says it believes the flaws have been exploited by a China-based group it calls Hafnium, which is seeking to gain persistent access to email systems. Microsoft typically issues patches for Windows and other products on the second Tuesday of every month, but it makes exceptions for security vulnerabilities that are deemed particularly dangerous.
Although Microsoft describes the attacks as limited and targeted, there are already indications that many other hacking groups are mounting attacks hoping to catch slow-patching organizations off guard. The flaws appear to have been exploited since at least early January.
Microsoft has rolled out a security update to fix four zero-day flaws in Exchange Server that bad actors have been using to infiltrate companies and organizations across industries.
Hackers used flaws in the software to gain access to email accounts via on-premise Exchange servers. Further, they used them to install additional malware to facilitate long-term access at victim’s environments, Microsoft said.