Customers should install updates for Exchange Server quickly, as vulnerabilities are already being exploited.
Microsoft has closed security holes in its Exchange Server e-mail software, which was allegedly used by Chinese hackers. The software group called on customers on Wednesday night to quickly install the security updates provided.
Microsoft wrote in a blog entry that the hacker group that Microsoft calls “Hafnium” wanted to use the four vulnerabilities to tap information primarily in the USA. The goals were, among other things, research on infectious diseases as well as universities, law firms and companies with defense contracts. The attacks were targeted, and Microsoft had no evidence that private customers were also attacked.
Affected versions
According to Microsoft, the Exchange server versions 2013, 2016 and 2019 are affected. Exchange is used by many companies, authorities and educational institutions as an e-mail platform. In the event of a successful attack via the vulnerabilities, it is possible to access data from the e-mail system. Microsoft has been made aware of the security gaps by IT security researchers.
According to Microsoft, the “Hafnium” group operates from China – but used the infrastructure in the USA for the attacks.
