Microsoft released updates on March 2 to fix newly discovered vulnerabilities in Exchange Server. The four so-called zero-day leaks were most likely exploited by the Chinese hacker group Hafnium, Microsoft thinks. Hafnium is affiliated with the Chinese government and targets such causes as defense contractors and law firms.
The number of companies affected by the vulnerabilities is already at 20,000 in the US alone, Reuters reports. Security expert Brian Krebs speaks of 30,000 US companies affected.
Companies in the Netherlands have also been affected, according to the NCSC. The watchdog does not say which organizations are involved.
Install update as soon as possible
The National Cyber Security Center warned Dutch companies this weekend to actively act around the vulnerabilities. It is recommended that you install the update from Microsoft as soon as possible. Companies that are not yet able to do this are made aware of Microsoft’s mitigating measures.
In addition, companies are recommended to monitor their Exchange Server with scripts released by Microsoft. Although the vulnerabilities are being addressed by the new update, it is still possible that systems are already infected.