Less than two weeks ago, Microsoft disclosed important information. According to the company, Chinese hackers were gaining access to organizations’ email accounts through vulnerabilities in its Exchange Server email software as well as issued security patches.
Based on the information provided by Microsoft, four vulnerabilities in its software allowed hackers to access servers for the popular email and calendar service. The tech giant urged customers to immediately update their on-premises systems with software updates.
Interestingly, the hack will probably stand out as one of the top cybersecurity events of the year. As a reminder, Exchange is still widely used around the world. Furthermore, this attack could lead companies to spend more money on security software to prevent future attacks. Moreover, it makes sense to move to cloud-based email instead of running their own email servers in-house.
It is worth mentioning that multiple U.S. government agencies are investigating the attack.
Hopefully, IT departments are working on applying the patches. Nevertheless, that takes time, and the vulnerability is still widespread. As a reminder, at the beginning of the month, Microsoft released the information. According to the company, there were vulnerabilities in its Exchange Server mail and calendar software for corporate and government data centers. The tech giant released parches for 2010, 2013, 2016, and 2019 versions of Exchange.
Typically, Microsoft releases updates on Patch Tuesday, which occurs on the second Tuesday of each month. Nonetheless, the announcement about attacks on the Exchange software came on the first Tuesday. This decision underlines the importance of this issue. Moreover, the company took the unusual step of issuing a patch for the 2010 edition.
It is worth mentioning that hackers had initially pursued specific targets. Nevertheless, in February, they started going after more servers with vulnerable software that they could spot. According to the company, the main group exploiting vulnerabilities is a nation-state group based in China that it calls Hafnium. Interestingly, attacks on the Exchange software started in early January.
Hopefully, the four vulnerabilities Microsoft disclosed do not affect Exchange Online, Microsoft’s cloud-based email and calendar service.
The goal of the group that attacked Exchange software was to gain information from defense contractors, schools, and other entities in the U.S. Last but not least, the tech giant is encouraging customers to install the security patches it delivered last week. The tech giant is working hard to help customers. Companies, as well as individuals, should pay more attention to cybersecurity.
Key points: The Eurozone's GDP grew by 0.3% in Q1 2024, showing signs of stabilisation after 2023's slight contraction. April…
Key Points: S&P 500 and Nasdaq 100 Stock Futures Show Decline: S&P 500 down 0.07%, Nasdaq 100 drops 0.29%, signaling…
Key Points: Bitcoin price is currently $59,966, reflecting a 5.75% drop in 24 hours. Key resistance at $59,145 and support…
Key Points: Brent and WTI oil futures fell by 0.9% and 1%, respectively. US crude stockpiles unexpectedly increased by 4.9…
Key Points: GBP/USD fell below 1.2490, indicating significant market sentiment shifts and potential broader economic impact. Bank of England's dovish…
Key Points: NZD/USD drop to 0.5880 is driven by worsening New Zealand job market data and mixed economic signals. RBNZ…
This website uses cookies.