Hackers infiltrate Microsoft, software updates required for consumers
REDMOND, Wash. (CNN) — Microsoft is urging Exchange users to download software patches after a security breach was found. In a recent article, Microsoft wrote “because we are aware of active exploits of related vulnerabilities in the wild (limited targeted attacks), our recommendation is to install these updates immediately to protect against these attacks.”
The tech company says hackers linked to China hit its Exchange email servers this week.
The hackers found four vulnerabilities in Microsoft’s software, giving them access to email accounts and allowing them to install malware.
Microsoft says the cloud-based version of Exchange was not affected.
The company says they believe HAFNIUM, a Chinese State-sponsored hacker group, was responsible for the attack. However, Microsoft did not provide any evidence supporting this assessment.
In response, China’s Ministry of Foreign Affairs says the country opposes all forms of cyber-attacks.
Microsoft has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM. https://t.co/tdsYGFICML
— Microsoft Security Intelligence (@MsftSecIntel) March 2, 2021
