Recently we learned about four critical zero-day vulnerabilities that let adversaries access Microsoft Exchange Servers and potentially gain long-term access to the infected systems.
What is the Microsoft Exchange Server Vulnerability?
On March 2, the world learned about four critical zero-day vulnerabilities inside Microsoft Exchange Server. These vulnerabilities allowed attackers to gain access to Microsoft Exchange Servers and enabled them to execute arbitrary code, potentially gaining long-term access to the infected system.
Microsoft has released a security update to patch these vulnerabilities. It is strongly recommended to update all your Microsoft Exchange servers as soon as possible to the latest available patched versions released by Microsoft.
I also recommend that you visit our own Palo Alto Networks Response page immediately and learn how you can request help. Engage with Crypris to determine whether you've been impacted, shut down active threats, and quickly recover from the attack.
Based on signatures and indicators that have been observed, Palo Alto Networks customers are protected across our product ecosystem, with specific protections deployed in the following products and subscriptions: