Yusuf On SecuritySecurity news, opinion and advice

Microsoft has released an out-of-band security update for a serious and actively used number of exploits on Microsoft Exchange. They named it Hafnium.

The following versions of Exchange Server are affected:

  • Exchange Server 2013
  • Exchange Server 2016
  • Exchange Server 2019

Is this attack connected to the SolarWinds attack?
Microsoft has said that it has seen “no evidence that the actor behind SolarWinds discovered or exploited any vulnerability in Microsoft products and services.”

You need to follow the latest updates recommendations of Microsoft here https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2021-exchange-server-security-updates/ba-p/2175901

Author
Yusuf
Join the discussion

Further reading

What will it take?

A great piece on what it will take to improve the safety of the connected world. Read it here.

Extended detection and response (XDR)

Extended detection and response (XDR) captures threat data from previously isolated security tools throughout the organizations tech stack to enable...

Log4j Vulnerabilities

Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called...