Microsoft Exchange zero day

Mailman List Mirror (Read Only)

Eric_Kuhnke March 5, 2021, 10:25pm 1

ISPs/NSPs with customers running self hosted or on-premises Exchange may want to be aware of this.

https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

Scott_Morizot March 5, 2021, 11:02pm 2

Yes, and CISA released an alert and an emergency directive.

https://us-cert.cisa.gov/ncas/current-activity/2021/03/03/cisa-issues-emergency-directive-and-alert-microsoft-exchange

Kevin_McCormick March 5, 2021, 11:07pm 3

Here is a blog covering some more in depth details.

Thank you,

Kevin McCormick