Remediating Microsoft Exchange vulnerabilities
On March 2, 2021, Microsoft released out-of-band security updates to address vulnerabilities affecting Microsoft Exchange Server products. An adversary can exploit these vulnerabilities to compromise a network and steal information, encrypt data for ransom, or even execute a destructive attack.
All system owners should:
1. Check for indicators of compromise (IOCs) by running the tool for Exchange Server vulnerabilities - github.com;
2. Immediately update all instances of on-premises Microsoft Exchange that you are hosting - microsoft.com/2021/03/02/;
3. If you are unable to immediately apply updates, follow Microsoft’s alternative mitigations in the interim - microsoft.com/2021/03/05/. Note: these mitigations are not an adequate long-term replacement for applying updates; organizations should apply updates as soon as possible.
For more information about these vulnerabilities and updates, see:
Microsoft Blog: Multiple Security Updates Released for Exchange Server
Microsoft Blog: Microsoft Exchange Server Vulnerabilities Mitigations
Microsoft Blog: HAFNIUM targeting Exchange Servers with 0-day exploit
Microsoft GitHub Repository: CSS-Exchange
09 March 2021