Microsoft urges customers to download software patches after Chinese-sponsored hackers broke into Microsoft Exchange Server, using a number of previously undetected vulnerabilities to carry out “limited-targeted attacks”.
The hackers “used these vulnerabilities to gain access to exchange servers, which allowed them to access e-mail. “Mail accounts և allowed additional malware to be installed to facilitate long-term access to victims’ environment,” Microsoft said on Tuesday.
Microsoft posted in the blog post about breaking the flaws.
Previously undiscovered vulnerabilities are known as zero days, they are valuable to hackers because there is no protection against them, at least until they are discovered and their fragments are created.
“We share this information with our customers և security community to highlight the potential nature of these vulnerabilities և affect the ability to immediately patch all systems,” the company said.
According to the blog, the responsible hackers are “a group that is considered a state-sponsored” operating outside of China. ” They typically target “a number of industries in the United States, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.”
For other similar articles, visit us at bloomberg.com
© 2021 Bloomberg LP: