Microsoft Exchange Server hack

Four zero-day vulnerabilities in Microsoft Exchange Server are being actively exploited by a state-sponsored threat group from China and appear to have been adopted by other cyberattackers in widespread attacks.

While in no way believed to be connected to the SolarWinds supply chain attack that has impacted an estimated 18,000 organizations worldwide — so far — there is concern that lags in patching vulnerable servers could have a similar impact, or worse, on businesses.

WHAT HAPPENED?

Microsoft told security expert Brian Krebs that the company was made aware of four zero-day bugs in “early” January.

A DEVCORE researcher, credited with finding two of the security issues, appears to have reported them around January 5. Going under the handle “Orange Tsai,” the researcher tweeted:

“Just report a pre-auth RCE chain to the vendor. This might be the most serious RCE I have ever reported.”

According to Volexity, attacks using the four zero-days may have started as early as January 6, 2021. Dubex reported suspicious activity on Microsoft Exchange servers in the same month.

By Charlie Osborne

March 9, 2021

Click to read the entire article on ZDNet

More Posts

June 4 6pm

It appears that Hostgator has finally resolved the DNS and SSL Certificate issues with all of the domains. While this did not impact the ability

June 1 through 4, 2026

Monday, I had contacted Hostgator about the “Error. Page cannot be displayed. Please contact your service provider for more details.” message that is appearing on

May 26 through 28, 2026

This week I will be preparing for the end of month. I will continue to be working on my online courses. The information from these