Microsoft is urging customers to install emergency patches as soon as possible to protect against highly skilled hackers who are actively exploiting four zero-day vulnerabilities in Exchange Server. The software maker said hackers working on behalf of the Chinese government have been using the previously unknown exploits to hack on-premises Exchange Server software that is fully patched. So far, Hafnium, as Microsoft is calling the hackers, is the only group it has seen exploiting the vulnerabilities, but the company said that could change. "Even though we've worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems," Microsoft Corporate Vice President of Customer Security & Trust Tom Burt wrote in a post published Tuesday afternoon . "Promptly applying today's patches is the best protection against this attack." Burt didn't identify the targets other than to say they are businesses that use on-premises Exchange Server software. He said that Hafnium operates from China, primarily for the purpose of stealing data from US-based infectious disease researchers, law firms, higher-education institutions, defense contractors, policy think tanks, and nongovernmental organizations. Further Reading Russian hackers hit US… Read full this story
- New Directors, better films: Annual New York festival showcases emerging talent
- Tale of sex, deception emerges about suspected Russian agent
- Revealed: how developers exploit flawed planning system to minimise affordable housing
- 'Little Caesar'’s Salad Days: Film Forum presents 'Warner Bros.: Tough Guys, Tough Dames…Tough Pictures'
- Survivor: David Vs. Goliath’s Shocking First Elimination Involved A Medical Emergency
- Editor's Note: October/November 2019 Issue Preview
- Huge 'Petya' ransomware attack hits Europe, sparks mass disruption
- White House Reveals How and When the US Keeps Security Flaws Secret
- What caused Wednesday night's rain burst? It's called a 'narrow cold‐frontal rain band'
- Bay Area to get a brief blast of warm weather before the cool air returns
Microsoft issues emergency patches for 4 exploited 0-days in Exchange have 319 words, post on arstechnica.com at March 2, 2021. This is cached page on IT Breaking News. If you want remove this page, please contact us.