{"id":63098,"date":"2021-03-15T14:43:03","date_gmt":"2021-03-15T19:43:03","guid":{"rendered":"https:\/\/www.pcmatic.com\/blog\/?p=63098"},"modified":"2021-03-15T14:44:17","modified_gmt":"2021-03-15T19:44:17","slug":"microsoft-exchange-0-day-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/","title":{"rendered":"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities"},"content":{"rendered":"\n<p>Earlier in March Microsoft disclosed several 0-day vulnerabilities within Microsoft Exchange that were actively being exploited by hacking groups. We now have more details about the versions affected and what patches are available for them. <\/p>\n\n\n\n<p>Before we go further if you&#8217;re not running an on-prem version of Microsoft Exchange then you can probably stop reading now unless you&#8217;re interested to learn patch recommendations. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The Timeline<\/h2>\n\n\n\n<p>This is a simplified timeline from a very detailed write-up by <a href=\"https:\/\/krebsonsecurity.com\/2021\/03\/a-basic-timeline-of-the-exchange-mass-hack\/\" target=\"_blank\" rel=\"noreferrer noopener\">KrebsonSecurity<\/a> that we encourage you to read. <\/p>\n\n\n\n<p><strong>January 2021<\/strong> &#8211; Several groups report findings to Microsoft detailing remote code execution vulnerabilities in Microsoft Exchange which is later confirmed by Microsoft.<\/p>\n\n\n\n<p><strong>Late February 2021<\/strong> &#8211; Attackers begin mass scanning for Exchange servers that are vulnerable and compromising them.<\/p>\n\n\n\n<p><strong>March 2nd, 2021<\/strong> &#8211; Microsoft releases patches for the four 0-day vulnerabilities. <\/p>\n\n\n\n<p><strong>March 5th-7th, 2021<\/strong> &#8211; <a href=\"https:\/\/krebsonsecurity.com\/2021\/03\/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software\/\" target=\"_blank\" rel=\"noreferrer noopener\">KrebsonSecurity<\/a> estimates that 30,000 organizations in the US are compromised by this which is later confirmed by Wired.com.<\/p>\n\n\n\n<p><strong>March 12th<\/strong> &#8211; Microsoft still estimates there are at least 80,000 unpatched Exchange Servers worldwide. <\/p>\n\n\n\n<p>The fallout from these vulnerabilities is deeply concerning and still unknown. PC Matic is confident that it&#8217;s customer will remain unharmed with SuperShield running and preventing all unknown payloads that could be brought through the vulnerability of a compromised device. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What Versions Are Affected?<\/h2>\n\n\n\n<p>Microsoft has released guidance that the following versions of Exchange are affected. <\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Exchange 2019<\/li><li>Exchange 2016<\/li><li>Exchange 2013<\/li><li>Exchange 2010<\/li><\/ul>\n\n\n\n<p>Exchange 2003 and 2007 are not believed to be affected at this time and thus have no patches to apply for this vulnerability. <\/p>\n\n\n\n<p>If you are running one of the versions listed above (2019,2016,2013,2010) <strong>you must patch that server as soon as possible<\/strong>. <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/march-2021-exchange-server-security-updates-for-older-cumulative\/ba-p\/2192020\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft has laid out<\/a> several options for patching that range from a move to the latest CU or applying only the security fixes for this set of 0-days to your current CU. If you&#8217;re running Exchange 2010 SP3, you can install <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2010-service-pack-3-march-2-2021-kb5000978-894f27bf-281e-44f8-b9ba-dad705534459\" target=\"_blank\" rel=\"noreferrer noopener\">this update<\/a> to patch your servers for the March 2021 incident. <\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"998\" height=\"464\" src=\"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/EXSecUpdatesOlderCU02.jpg\" alt=\"\" class=\"wp-image-63100\" srcset=\"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/EXSecUpdatesOlderCU02.jpg 998w, https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/EXSecUpdatesOlderCU02-768x357.jpg 768w\" sizes=\"(max-width: 998px) 100vw, 998px\" \/><figcaption>Exchange update paths from Microsoft. (<a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/march-2021-exchange-server-security-updates-for-older-cumulative\/ba-p\/2192020\" target=\"_blank\" rel=\"noreferrer noopener\">source<\/a>)<\/figcaption><\/figure><\/div>\n\n\n\n<p>If you cannot currently bring your Exchange server up to the latest CU, visit the Microsoft Download Center section of <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b\" target=\"_blank\" rel=\"noreferrer noopener\">this page<\/a>, and find your current Exchange version and CU. You can then download the new release version of that CU and apply the security fixes for what is now known as the March 2021 incident. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"706\" height=\"908\" src=\"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/ExchangeVersionLinks.png\" alt=\"\" class=\"wp-image-63104\"\/><figcaption>Examples of links in the <a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-2-2021-kb5000871-9800a6bb-0a21-4ee7-b9da-fa85b3e1d23b\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Download Center<\/a> section.<\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">What&#8217;s next? <\/h2>\n\n\n\n<p>Applying the patches from Microsoft is only step 1. It&#8217;s important to still look for signs of compromise on any of your exchange servers. There are several write-ups with full details on the attack like this technical article from <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/02\/hafnium-targeting-exchange-servers\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft<\/a>. There you&#8217;ll find the attack chain, how you can look for signs of compromise, known hashes associated to compromise, and more. <\/p>\n\n\n\n<p>Again, PC Matic is confident that its customers running SuperShield on Exchange servers will remain secure from any attempts by attackers to deliver payloads to a compromised Exchange Server.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Earlier in March Microsoft disclosed several 0-day vulnerabilities within Microsoft Exchange that were actively being exploited by hacking groups. We now have more details about the versions affected and what patches are available for them. Before we go further if you&#8217;re not running an on-prem version of Microsoft Exchange then you can probably stop reading [&hellip;]<\/p>\n","protected":false},"author":58,"featured_media":63107,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[109,12],"tags":[5939,125,5541],"class_list":["post-63098","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-pc-matic-blog","category-the-pit-blog","tag-exchange","tag-microsoft","tag-vulnerabilities"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities<\/title>\n<meta name=\"description\" content=\"Earlier in March Microsoft disclosed several 0-day vulnerabilities within Microsoft Exchange that were actively being exploited by hacking groups. We now\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities\" \/>\n<meta property=\"og:description\" content=\"Earlier in March Microsoft disclosed several 0-day vulnerabilities within Microsoft Exchange that were actively being exploited by hacking groups. We now\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"PC Matic Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/pcmatic\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-15T19:43:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-03-15T19:44:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/exchangeCVE.png\" \/>\n\t<meta property=\"og:image:width\" content=\"730\" \/>\n\t<meta property=\"og:image:height\" content=\"450\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Devin Bergin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@pcmatic\" \/>\n<meta name=\"twitter:site\" content=\"@pcmatic\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Devin Bergin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/\"},\"author\":{\"name\":\"Devin Bergin\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/person\\\/e1a87aba65278d9cd1064ad1966895fe\"},\"headline\":\"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities\",\"datePublished\":\"2021-03-15T19:43:03+00:00\",\"dateModified\":\"2021-03-15T19:44:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/\"},\"wordCount\":495,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/exchangeCVE.png\",\"keywords\":[\"Exchange\",\"Microsoft\",\"vulnerabilities\"],\"articleSection\":[\"PC Matic Blog\",\"The Pit Blog\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/\",\"name\":\"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/exchangeCVE.png\",\"datePublished\":\"2021-03-15T19:43:03+00:00\",\"dateModified\":\"2021-03-15T19:44:17+00:00\",\"description\":\"Earlier in March Microsoft disclosed several 0-day vulnerabilities within Microsoft Exchange that were actively being exploited by hacking groups. We now\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/exchangeCVE.png\",\"contentUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/exchangeCVE.png\",\"width\":730,\"height\":450,\"caption\":\"Cyber Risks - users were still running vulnerable versions of Exchange Server posing a Cybersecurity threat by not updating to patched versions..\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/microsoft-exchange-0-day-vulnerabilities\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\",\"name\":\"PC Matic Blog\",\"description\":\"Tech Tips and Tricks\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\",\"name\":\"PC Matic - Top Antivirus Company in the USA.\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/techtalk.pcmatic.com\\\/wp-content\\\/uploads\\\/PC-MaticLogo-e1472689639222.png\",\"contentUrl\":\"https:\\\/\\\/techtalk.pcmatic.com\\\/wp-content\\\/uploads\\\/PC-MaticLogo-e1472689639222.png\",\"width\":1535,\"height\":483,\"caption\":\"PC Matic - Top Antivirus Company in the USA.\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/pcmatic\",\"https:\\\/\\\/x.com\\\/pcmatic\",\"https:\\\/\\\/www.instagram.com\\\/pcmaticusa\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/pcmatic\",\"https:\\\/\\\/www.youtube.com\\\/c\\\/PCMaticVideo\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/person\\\/e1a87aba65278d9cd1064ad1966895fe\",\"name\":\"Devin Bergin\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/author\\\/devin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities","description":"Earlier in March Microsoft disclosed several 0-day vulnerabilities within Microsoft Exchange that were actively being exploited by hacking groups. We now","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities","og_description":"Earlier in March Microsoft disclosed several 0-day vulnerabilities within Microsoft Exchange that were actively being exploited by hacking groups. We now","og_url":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/","og_site_name":"PC Matic Blog","article_publisher":"https:\/\/www.facebook.com\/pcmatic","article_published_time":"2021-03-15T19:43:03+00:00","article_modified_time":"2021-03-15T19:44:17+00:00","og_image":[{"width":730,"height":450,"url":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/exchangeCVE.png","type":"image\/png"}],"author":"Devin Bergin","twitter_card":"summary_large_image","twitter_creator":"@pcmatic","twitter_site":"@pcmatic","twitter_misc":{"Written by":"Devin Bergin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/"},"author":{"name":"Devin Bergin","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/person\/e1a87aba65278d9cd1064ad1966895fe"},"headline":"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities","datePublished":"2021-03-15T19:43:03+00:00","dateModified":"2021-03-15T19:44:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/"},"wordCount":495,"commentCount":0,"publisher":{"@id":"https:\/\/www.pcmatic.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/exchangeCVE.png","keywords":["Exchange","Microsoft","vulnerabilities"],"articleSection":["PC Matic Blog","The Pit Blog"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/","url":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/","name":"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities","isPartOf":{"@id":"https:\/\/www.pcmatic.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/#primaryimage"},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/exchangeCVE.png","datePublished":"2021-03-15T19:43:03+00:00","dateModified":"2021-03-15T19:44:17+00:00","description":"Earlier in March Microsoft disclosed several 0-day vulnerabilities within Microsoft Exchange that were actively being exploited by hacking groups. We now","breadcrumb":{"@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/#primaryimage","url":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/exchangeCVE.png","contentUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/exchangeCVE.png","width":730,"height":450,"caption":"Cyber Risks - users were still running vulnerable versions of Exchange Server posing a Cybersecurity threat by not updating to patched versions.."},{"@type":"BreadcrumbList","@id":"https:\/\/www.pcmatic.com\/blog\/microsoft-exchange-0-day-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pcmatic.com\/blog\/"},{"@type":"ListItem","position":2,"name":"A Simple Guide to the Microsoft Exchange 0-day Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/www.pcmatic.com\/blog\/#website","url":"https:\/\/www.pcmatic.com\/blog\/","name":"PC Matic Blog","description":"Tech Tips and Tricks","publisher":{"@id":"https:\/\/www.pcmatic.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pcmatic.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pcmatic.com\/blog\/#organization","name":"PC Matic - Top Antivirus Company in the USA.","url":"https:\/\/www.pcmatic.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/techtalk.pcmatic.com\/wp-content\/uploads\/PC-MaticLogo-e1472689639222.png","contentUrl":"https:\/\/techtalk.pcmatic.com\/wp-content\/uploads\/PC-MaticLogo-e1472689639222.png","width":1535,"height":483,"caption":"PC Matic - Top Antivirus Company in the USA."},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/pcmatic","https:\/\/x.com\/pcmatic","https:\/\/www.instagram.com\/pcmaticusa\/","https:\/\/www.linkedin.com\/company\/pcmatic","https:\/\/www.youtube.com\/c\/PCMaticVideo"]},{"@type":"Person","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/person\/e1a87aba65278d9cd1064ad1966895fe","name":"Devin Bergin","url":"https:\/\/www.pcmatic.com\/blog\/author\/devin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts\/63098","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/users\/58"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/comments?post=63098"}],"version-history":[{"count":0,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts\/63098\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/media\/63107"}],"wp:attachment":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/media?parent=63098"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/categories?post=63098"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/tags?post=63098"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}