What you need to know
- Microsoft released security updates that fix vulnerabilities in Exchange Server software.
- The vulnerabilities were utilized in an attack by a state-sponsored attacker based in China.
- Microsoft "strongly [encourages] all Exchange Server customers to apply these updates immediately."
Microsoft recently rolled out security updates to fix four vulnerabilities in Exchange Server software (via Engadget). The vulnerabilities were utilized in cyberattacks orchestrated by a group Microsoft calls Hafnium. As explained by a Microsoft blog post, Hafnium operates out of China and is "a highly skilled and sophisticated actor."
Microsoft refers to Hafnium as a state-sponsored threat actor that operates out of China, but that primarily conducts its operations from leased virtual private services in the United States.
According to Microsoft, the primary targets of Hafnium include infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.
Microsoft outlines the three steps of the recent attacks:
Microsoft released security updates that will protect people running Exchange Server. Microsoft says that all Exchange Server customers should apply the updates immediately.
The company also briefed U.S. government agencies on the attacks.
Microsoft concludes the blog post by specifying that these attacks are not connected in any way to the SolarWinds attacks that have been in the headlines.
Microsoft has another post that breaks down the attacks in more technical detail.
Sean Endicott is the news writer for Windows Central. If it runs Windows, is made by Microsoft, or has anything to do with either, he's on it. Sean's been with Windows Central since 2017 and is also our resident app expert. If you have a news tip or an app to review, hit him up at email@example.com.
"Microsoft refers to Hafnium as a state-sponsored threat actor that operates out of China" Looks like this is mostly science-and-tech espionage (not that we should take that lightly) but I wonder if that will change. The world does not need a second Russia in terms of cyberattacks.
Get the best of Windows Central in in your inbox, every day!
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.