Microsoft fixes four zero-day flaws in Exchange Server exploited by China's ‘Hafnium’ spies to steal victims' data

Microsoft says Beijing-backed hackers are exploiting four zero-day vulnerabilities in Exchange Server to steal data from defense contractors, law firms, and infectious disease researchers.


The Windows giant today issued patches for Exchange to close up the bugs, and recommended their immediate application by all. On-prem and hosted Exchange, from version 2013 to 2019, are vulnerable and need fixing up.

Microsoft’s corporate veep for customer security and trust, Tom Burt, named the miscreants “Hafnium,” said they operate in China though they use US-based servers, and classified the cyber-spy team as “a highly skilled and sophisticated actor” that's nation-state sponsored.


Burt said the snoops conduct a three-step attack:

  • Gain access to an Exchange Server either using stolen passwords or by using zero-day vulnerabilities, and disguise themselves as a legitimate user.

  • Control th ..
