You can now find Cyber Kendra on Google News | Telegram

Microsoft Releases Emergency Patches for four 0-day Vulnerabilities

Chinese APT group Hafnium started exploiting Microsoft Exchange Vulnerability

Microsoft has released emergency security updates to its Exchange mail server that fix four zero-day vulnerabilities already exploited by Chinese hackers.

The Chinese government's APT Hafnium uses the victim's internet-connected servers as an entry point into its internal networks. Hafnium is known for its attacks on targets in the United States, including infectious disease researchers, law firms, higher education institutions, defense contractors, and nongovernmental organizations.

In a new wave of attacks this year, the group exploited four previously unknown vulnerabilities in Microsoft Exchange. According to Microsoft and Volexity , the cybercriminals exploited these vulnerabilities in a complex, multi-part attack to bypass authentication mechanisms, gain administrator privileges and install ASPX web shells on compromised servers.

Having gained access to the mail server of the attacked organization, the hackers exported the contents of e-mail boxes and address books to a remote server. The specialists of the information security company Volexity discovered the unloading of data from the mail servers of two of its clients. In a subsequent investigation, they uncovered the malicious Hafnium operation and notified Microsoft about it. In turn, Microsoft discovered four previously unknown vulnerabilities in its product and released emergency patches.

The issues affect only Exchange mail servers installed on-premises, not Exchange Online.

Neither Microsoft nor Volexity are disclosing the victims of the new malicious Hafnium operation, but Microsoft's vice president of consumer trust and safety, Tom Burt, said they "have informed the relevant US government agencies of the activity."

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.