Vulnerabilities with On-Premises Versions of Microsoft Exchange Server

March 10, 2021

Vulnerabilities with On-Premises Versions of Microsoft Exchange Server

Early last week, Microsoft revealed that suspected state-sponsored hackers from China were exploiting four previously unknown vulnerabilities being used to attack on-premises versions of Microsoft Exchange Server. This has enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. 

Since that disclosure, other hackers have used automated programs to scan the internet, looking for companies that have yet to install the fix. Microsoft has urged IT administrators and customers to apply the security fixes immediately. However, just because fixes are applied now, this does not mean that servers have not already been compromised.

Microsoft has listed indicators of compromise here. Admins can also use this script from Microsoft to test if their environments are affected. 

For more information about these vulnerabilities and how to defend against their exploitation, see:

What Action Should You Take?

For businesses potentially impacted, we strongly advise consulting with a cybersecurity expert. For those with cyber insurance, you may have access to complimentary cybersecurity resources through your insurance provider. Please reach out to our office if you have any questions on your cyber insurance coverage or to submit a claim.  

To learn find more about cyber insurance or request a quote, please visit our website:

This material is intended for informational purposes only and is not to be construed as legal advice.