Using On-Premises Microsoft Exchange Server Software? Protect Your Data TODAY

Zero Day Microsoft Exchange Server Hack

If your company still has an on-premises Microsoft Exchange Server, your environment is at risk. Microsoft announced critical vulnerabilities requiring immediate patches released March 2, 2021 and is urging users to download software patches for the four vulnerabilities that were discovered. In addition, the DHS Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 21-02 on March 3, requiring federal agencies to comply by noon, EST, on March 5.

Microsoft has confirmed Exchange Online is not affected and that the on-premises Exchange Servers at risk include:

  • Microsoft Exchange Server 2013
  • Microsoft Exchange Server 2016  
  • Microsoft Exchange Server 2019

Take action today to protect your environment now, then make plans to migrate your email from Microsoft Exchange Server to Exchange Online, the sooner the better!

The HAFNIUM Zero-Day Hack

Microsoft has detected several zero-day exploits actively under attack. The threat actor behind this dangerous attack has been dubbed HAFNIUM by Microsoft who called them a state sponsored actor linked to China and said they are “a highly skilled and sophisticated actor.” A zero-day attack is one that exploits previously unknown vulnerabilities. This allows attackers to exploit zero-day vulnerabilities until the problem is recognized and software patches are released. In a recent blog post about this attack, Microsoft wrote “We are sharing this information with our customers and the security community to emphasize the critical nature of these vulnerabilities and the importance of patching all affected systems immediately”.

The HAFNIUM attack happens in three steps:

  1. Achieves access to an Exchange Server using stolen or cracked credentials, or by exploiting the zero-day vulnerabilities to impersonate a legitimate user.
  2. Deploys malware that enables remote access and control of the server through a web shell.
  3. Exfiltrates data using the newly established remote access and/or execute arbitrary commands.

How to Protect Your Business TODAY

If you have an on-site MS Exchange Server, patch it TODAY. Prioritize installing the updates on any Exchange Servers facing the Internet, but all Exchange servers should be updated. You can find the patches here: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/

How to Prevent Future Zero-Day Vulnerabilities

Now is the time to move from your on-premises Microsoft Exchange Server to the cloud, and more precisely Exchange Online (the cloud platform for Microsoft 365).

If you are an Intrust IT client, don’t worry: We’ve already taken care of this potential issue if you use on-premises Exchange Server. Not a client yet? Contact us or book a virtual meeting to discuss migrating your servers to the cloud and setting up comprehensive cybersecurity protocols.

Dave Hatter

Dave Hatter

Dave Hatter (CISSP, CCSP, CCSLP, CISA, CISM, PMP and ITIL) is a cyber security consultant, writer, educator and on-air media contributor. See hundreds of Dave’s expert interviews on cyber security on his YouTube channel, or tune in to 55KRC every Friday morning at 6:30 for his “Tech Friday” segment.

Share this Blog

Enterprise Password Management Promo Wide

Is Your Name or Birthday a Part of Your Password?

If so, you’re a part of the 59 percent of people who don’t follow proper password hygiene. More than 70 percent of passwords are used for more than one system, meaning if cybercriminals crack one, they can access a lot more accounts.

Our free Enterprise Password Management Guide will give you the best password hygiene practices to help you secure your computer and your business.

Download the Guide

Explore the Latest Trends in IT

Fundamentals of Information Technology Management - Intrust

IT 101: What Is Information Technology Management?

When was the last time you stopped to think about how your business relies on technology? Information technology management is...
Avoid Pig-Butchering - Intrust IT

Pig-Butchering Scams: What They Are and How to Stay Safe

At Intrust IT, we understand that it may feel like the specter of cybersecurity is always breathing down your neck....
3 Reasons to Replace Aging Equipment - Intrust IT

Three Compelling Reasons Your Company Should Replace Its Aging Computers Before Year-End

As the end of the year approaches, businesses everywhere are evaluating their budgets and looking for strategic opportunities to invest...
What are managed services - Intrust IT

What Are Managed Services? And What Are the Benefits?

Running a business in today’s tech-driven world means you need reliable IT infrastructure. But let’s be honest, managing IT in-house...
Windows 10 End of Life How This Could Impact Your Business - Intrust IT

Windows 10 End of Life: How It Could Impact Your Business

As Microsoft officially plans to end support for Windows 10 on October 14, 2025, businesses need to begin thinking ahead....
AI implementation Roadmap Intrust IT

Master AI Integration With Our AI Implementation Roadmap Guide

AI is one of the greatest technological breakthroughs of the last few years. It has become our handy assistant, data...