On March 2, 2021, Microsoft announced it had detected multiple exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. In response, Microsoft released patches for several different on-premises Microsoft Exchange Server zero-day vulnerabilities currently being exploited by a nation-state-affiliated group, Hafnium, operating out of China.
Microsoft has discovered a new and critical vulnerability impacting the following versions of Microsoft Exchange:
- Microsoft Exchange Server 2010
- Microsoft Exchange Server 2013
- Microsoft Exchange Server 2016
- Microsoft Exchange Server 2019
As soon as we heard this announcement, the entire Compudyne team sprung into action to protect our clients. Compudyne is here to be your partner in IT, and it’s our job to help shield your environments against these types of attacks. Unfortunately, vulnerabilities like this will continue to happen, and that’s why our team is always ready.
Compudyne moved quickly yesterday to protect our clients against potential attacks. Our Managed Services team worked diligently through the night to remedy the situation. We identified all clients believed to have this vulnerability and patched any impacted systems following Microsoft’s recommendation. We applied the patch for our EDGE Pro clients, notified and assisted our EDGE Assist clients, and provided guidance and support for any additional clients as needed.
We completed the patches around 2:00 am Central Time on March 4, 2021.
“The entire Compudyne team stepped up for our clients last night,” said Kristen Hempel, Director of Managed Services at Compudyne. “The sad truth is no organization, not even Microsoft, is immune to cyberattacks. When you have a full-service team of IT solutions providers in your corner, you’re that much better prepared to address critical vulnerabilities and protect your business.”
The Compudyne team worked together to mitigate this risk for our clients. We’re doing everything in our power to alleviate issues as they arise and are proud of both our team’s efforts and our clients’ response.
- Our Strategic Services team kept all clients updated on patching progress and promptly addressed any questions or concerns. They also provided additional resources as needed.
- Our Managed Services, Infrastructure Services and Information Systems teams worked throughout the night to roll out the initial phases of remediation within these client environments.
- Our Cloud Services team supported all teams especially in the recovery process.
- Our Network Services team has taken the necessary steps relating to internet connection for this subset of clients.
This particular vulnerability only impacted a small subset of our clients. Each has taken the appropriate steps to engage a security remediation organization for further investigation, as we have reason to believe the nation-state organization may have exploited this vulnerability in their environment.
If you have any questions or need assistance installing this critical update, please contact your support team as soon as possible.