Microsoft is strongly urging customers with Exchange Server installations to apply patches that address critical vulnerabilities currently exploited by Chinese nation state hackers to steal information and install malware.
The urgent patches were released out-of-band to address an attack chain affecting Microsoft Exchange Server versions 2010, 2013, 2016 and 2019. It is important to patch your current exchange infrastructure to the latest cumulative update version prior to patching for the vulnerability.
Four new zero-day vulnerabilities are being exploited by the Hafnium state-sponsored group to get access to Exchange Servers,
When exploited, these vulnerabilities permit access to on-premises Exchange servers enabling unauthorized access to email. Additionally attackers once gaining access maintain access to compromised Exchange servers.
It is highly recommended to patch your on premise exchange server immediately.
Exchange Online is not affected by these vulnerabilities.
Patches are located:
Obviously we would highly recommend ensuring you have good, recoverable backups and/or snapshots of the servers prior to applying patches.