Sunday, April 6, 2025
Follow us On Linkedin
HomeCVE/vulnerabilityMicrosoft Issues Emergency Patch as Chinese Hackers Exploiting Exchange Server Flaws

Microsoft Issues Emergency Patch as Chinese Hackers Exploiting Exchange Server Flaws

CVE/vulnerabilityMicrosoftUncategorized

Published on

By Gurubaran
Microsoft Issues Emergency Patch

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

The Microsoft Security Response Center yesterday released several security updates for Microsoft Exchange Server. These updates were targeted at addressing vulnerabilities that have been used in a few focused and targeted attacks.

Nature of vulnerabilities

The vulnerabilities have been deemed to be very critical in nature and Microsoft urges and advises its customers to update the affected systems without further delay to protect themselves against these attacks and to prevent further abuse of their systems.

Microsoft states that these vulnerabilities have affected only Microsoft Exchange Server and have not affected Exchange Online.

Vulnerabilities

Affected versions

  • Microsoft Exchange Server 2013  
  • Microsoft Exchange Server 2016  
  • Microsoft Exchange Server 2019 

Defense in Depth purpose updates is being carried out on Microsoft Exchange Server 2010.

HAFNIUM Targeting Exchange Servers

“Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed the installation of additional malware to facilitate long-term access to victim environments.”

Process and mitigating ways of vulnerabilities

The vulnerabilities were used as part of an attack chain. Initially, these attacks need to have the ability to make an untrusted connection to Exchange server port 443 which can be saved by either restricting the untrusted connections, or by setting up a VPN to separate the Exchange server from external access.

By using this proposed method of protection, one would only protect against the initial portion of the attack. But other portions of the chain can be triggered if an attacker already has access or can convince an administrator to run a malicious file.

Microsoft has asked its users to prioritize updating external-facing Exchange Servers and then moving on to update others.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity, and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Cyber Security News

Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti...
cyber security

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing...
ChatGPT

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of...
cyber security

PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack

A sophisticated phishing campaign, dubbed "PoisonSeed," has been identified targeting customer relationship management (CRM)...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

CVE/vulnerability

Vite Development Server Flaw Allows Attackers Bypass Path Restrictions

A critical security vulnerability, CVE-2025-31125, has been identified in the Vite development server.Due to improper...
CVE/vulnerability

Critical Apache Parquet Vulnerability Allows Remote Code Execution

A severe vulnerability has been identified in the Apache Parquet Java library, specifically within...
CVE/vulnerability

Halo ITSM Vulnerability Lets Attackers Inject Malicious SQL Code

A critical security flaw has been discovered in Halo ITSM, an IT support management software...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved