Microsoft has detected activities that the zero-day vulnerability in the on-premise deployment of Microsoft Exchange Servers’ affected versions is actively exploited. Currently, Exchange Online is not affected.
As of date, any business activities that reply on the on-premise deployment of Microsoft Exchange Servers, especially when it is external facing, should immediately update with the remediation patch issued by Microsoft.
With the release of several security updates for the affected Microsoft Exchange Server, customers are urged to apply the patches immediately. Please note that the below workaround is not meant to be a replacement for these remediation patches issued by Microsoft, as the vulnerabilities are actively being exploited.
The vulnerability currently affect the following Microsoft product:
It is necessary to ensure the fixed version is applied regardless of any environmental challenge present. In the event when the patch cannot be applied, do review the following.
Microsoft Security Update Guide
HAFNIUM targeting Exchange Servers with 0-day exploits
CISA National Cyber Awareness System Alerts
If you require further information or a consultation, please reach out to our team of Cybersecurity Solutions Experts.
11 March 2021 | Original articles from Microsoft
Copyright © 2023 JOS (SG) Pte. Ltd. All rights reserved.
