30,000 organizations, including small businesses, towns and local governments, with an Exchange server, i.e. anyone who runs their own Exchange server, were susceptible to getting hacked (Krebs on Security blog post).

We also have the following story:

White House cites ‘active threat,’ urges action despite Microsoft patch 

The problem may be that you were attacked and your Exchange server was compromised because you did not patch it quickly enough.

“Already, a source told Reuters more than 20,000 U.S. organizations had been compromised by the hack, which Microsoft has blamed on China, although Beijing denies any role.”

Of course, Microsoft and the White House are recommending that the companies or entities running Exchange Server patch it or install fixed Exchange Server software.

 

This is a basic item that everyone who manages computers needs to know: the patching cycle and zero-days.

An older image from a long-ago blog post discusses the details of the patch cycle: the vulnerability is found, an exploit is released in the wild, the vendor (here it is Microsoft) discovers it, and then the vulnerability is disclosed publicly. In this case the patch was out of band (not on Patch Tuesday), since Microsoft felt it was bad enough that they could not wait for March 9th, and instead released the patch on March 3rd.

Here is the official CERT release for the Microsoft Exchange threat.

https://us-cert.cisa.gov/ncas/alerts/aa21-062a

 

By zafirt
