03/03/2021

Exploitation of Microsoft Exchange Server vulnerabilities – Action Recommended

On March 1, 2021, one of our security partners observed China Chopper web shell alerts triggered from multiple customer environments. Analysis revealed that the activity exploited Microsoft Exchange Server vulnerabilities. On March 2, Microsoft confirmed that Exchange vulnerabilities have been exploited in limited and targeted attacks and released out-of-band security updates.

Recommended actions

Customers are advised to review and apply the security updates as appropriate in their environments as soon as possible.

Questions

If you have any questions or concerns about this advisory, please contact us via support@empsn.org.uk

References

https://portal.secureworks.com/portal/intel/tip/8955
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2021-exchange-server-security-updates/ba-p/2175901
https://msrc.microsoft.com/update-guide/releaseNote/2021-Mar
https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/

Keeping Up To Date With Us Is Easy, Sign Up To Our Newsletter Today!

Stay in touch with emPSN, so that you get the latest e-safety advice and invites to our community events.

Our partners