Microsoft says 92% of Exchange servers patched against Hafnium exploit

Reading time icon 1 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

microsoft-exchange-logo

After a massive effort, Microsoft says that 92% of stand-alone vulnerable Exchange servers have been patched against the collection of vulnerabilities exploited by the Hafnium hacker group.

The data comes from RiskIQ, who is working with Microsoft and who tweeted the numbers.

Hafnium exploited 4 zero-day exploits which affected only stand-alone Microsoft Exchange services, resulting in tens of thousands of servers being compromised with data loss and ransomware attacks.

In response, Microsoft released a mitigation guide, emergency patches and created a one-click mitigation tool and later updated Microsoft Defender to automatically mitigate the vulnerability.

This still leaves tens of thousands of servers already breached, however, the fall-out of which will likely take years to be fully realized.  F-Secure recommends IT administrators check their systems for indicators of compromise (IoCs) and perform security audits to see if their servers have been exploited.

via ZDNet

User forum

0 messages