Exploitation of Microsoft Exchange Server vulnerabilities - Action Recommended - emPSN

Blog › Service Updates › Exploitation of Microsoft Exchange Server vulnerabilities – Action Recommended

03/03/2021

Exploitation of Microsoft Exchange Server vulnerabilities – Action Recommended

On March 1, 2021, one of our security partners observed China Chopper web shell alerts triggered from multiple customer environments. Analysis revealed that the activity exploited Microsoft Exchange Server vulnerabilities. On March 2, Microsoft confirmed that Exchange vulnerabilities have been exploited in limited and targeted attacks and released out-of-band security updates.

Recommended actions

Customers are advised to review and apply the security updates as appropriate in their environments as soon as possible.

Questions

If you have any questions or concerns about this advisory, please contact us via support@empsn.org.uk

References

https://portal.secureworks.com/portal/intel/tip/8955
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2021-exchange-server-security-updates/ba-p/2175901
https://msrc.microsoft.com/update-guide/releaseNote/2021-Mar
https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

Service Updates