It is a little over a week since Microsoft Exchange email servers were attacked by a group which Microsoft as described as a network of hackers it calls Hafnium. It is not clear who these people are, but the attack, which impacted as many as 60,000 companies â and by some estimates 100,000 â has forced Microsoft to release out of-band emergency patches for Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019.
Exchange Attack Spreading?
The situation is so bad, in fact, that Microsoft has also released updates for older, unsupported versions of Exchange to deal with the four newly discovered security vulnerabilities (Microsoft also made it clear that it was only patching these vulnerabilities and that these older versions will remain unsupported after this has passed.)
March 8, 2021
Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here’s a brief timeline of what we know leading up to last week’s mass-hack, when hundreds of thousands of
When did Microsoft find out about attacks on previously unknown vulnerabilities in Exchange?
Pressed for a date when it first became aware of the problem, Microsoft told KrebsOnSecurity it was initially notified “in early January.” So far the earliest known report came on Jan. 5, from a principal security researcher for security testing firm DEVCORE who goes by the handle “Orange Tsai.” DEVCORE is credited with reporting two of the four Exchange flaws that Microsoft patched on Mar. 2.