Microsoft Zero-Day Exploits

By: Jake Schulte, IT Manager

This week Microsoft detected multiple zero-day exploits being used against on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers, which enabled access to email accounts and allowed installation of additional malware to facilitate long-term access to victim environments.

Before panic sets in, it’s important to note that Exchange Online is not affected. If you’re currently using Microsoft 365 services through Networks Plus and using Exchange Online, no action is needed.

Microsoft released patches for multiple on-premises Microsoft Exchange Server zero-day vulnerabilities being exploited by a nation-state-affiliated group. The vulnerabilities exist in on-premises Exchange Server 2010, 2013, 2016, and 2019.

To minimize or avoid the impact of this situation, Microsoft highly recommends that you take immediate action to apply the patches to any on-premises Exchange deployments. To patch these vulnerabilities, you should move to the latest Exchange Cumulative Updates and then install the relevant security updates on each Exchange Server.

Microsoft published a blog providing an overview of the attack and a link to the security updates that were released. You can view that information here: Microsoft Blog – New nation-state cyberattacks. 