WARNING! Microsoft Exchange Servers at Risk: Protect Your Business

microsoft exchange server

Once again, those cunning cybercriminals have figured out a way to access your system if you are using an ON-PREMISES Microsoft Exchange Server.

On March 2, 2021 Microsoft started urging users to download software patches for the four vulnerabilities that were discovered in what they call the HAFNIUM Zero-Day Hack. Microsoft released immediate patches that day and the following day, the DHS Cybersecurity and Infrastructure Security Agency (CISA) issued an Emergency Directive 21-02 mandating federal agencies to comply by noon, EST, today (March 5).

If you’re using the Exchange Online, you have no worries. It is not affected. Only the following on-site Exchange Servers are at risk:

  • Microsoft Exchange Server 2013
  • Microsoft Exchange Server 2016  
  • Microsoft Exchange Server 2019

To prevent any future damage, move your email from the on-premises server to Microsoft Exchange Online.

So What is the  HAFNIUM Zero-Day Hack?

According to Microsoft, who named HAFNIUM, the hacker is linked to China and is “a highly skilled and sophisticated actor.” The hack finds vulnerabilities on the server and allows the hackers to:

  • Get into the server by having previously stolen or cracked credentials of users. 
  • Insert malware into the server and get remote access to it.
  • Extract data or commands to suit the hackers purposes.

Microsoft said “We are sharing this information with our customers and the security community to emphasize the critical nature of these vulnerabilities and the importance of patching all affected systems immediately.”

Protect Your Business TODAY

If you don’t use an on-site Microsoft Exchange Server, no worries. But if you do, download and install the necessary patches immediately, prioritizing any external facing servers first.If you are an Internos Group client, don’t worry — we’re taking care of this for you. 

Here is the link to those patches: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/

Future Zero-Day Vulnerabilities Are Preventable

Zero-day refers to any attack that exploits a previously unknown vulnerability. Hackers will have access until that vulnerability is patched. This is one of the many, many reasons why it’s critical to keep all your systems up to date with the latest patches and updates.

If you have an on-premises server, your best protection from future zero-day attacks is to migrate to the cloud. Microsoft Exchange Online was not impacted by the HAFNIUM attack and is the cloud platform for Microsoft 365.

To discuss migrating your servers to the cloud and setting up comprehensive cybersecurity protocols, contact us or book a meeting, virtual or in person.

Posted in

Sandro Alvarez

Sandro is the CEO of Internos Group and a partner. He has spent the past 30 years building a career in IT, picking up an array of hardware and software certifications along the way. He’s a visionary who sees the big picture, then gets straight to work understanding every gear that grinds.

Use our Managed Service Provider Checklist to Find the Right

Our easy-to-follow checklist can guide you through the process of the best IT services provider for your business.

Are you a first-timer to IT support? Maybe you aren’t happy with your current MSP? This checklist will help you help you outline and define:

  • Your business goals for the next few years
  • The stats that potential MSPs will need to work out a plan for your company
  • The risk areas in your backup and cyber security practices
  • What you expect from your IT provider
  • And more!