Microsoft Corp. is urging customers to download software patches after state-sponsored hackers based in China broke into Microsoft Exchange Server using multiple previously undiscovered flaws in order to conduct “limited and targeted attacks.”
The hackers “used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts and allowed installation of additional malware to facilitate long-term access to victim environments,” Microsoft said Tuesday.
Microsoft released patches for the flaws in a blog post announcing the hack.
Previously undiscovered vulnerabilities are known as zero days, and they are valuable to hackers because there aren’t defenses against them -- at least until they are discovered and patches are created.
“We are sharing this information with our customers and the security community to emphasize the critical nature of these vulnerabilities and the importance of patching all affected systems immediately,” the company said.
The hackers responsible are “a group assessed to be state-sponsored and operating out of China,” according to the blog. They typically target “entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.”
©2021 Bloomberg L.P.