Warning: 4 zero-day flaws in Exchange Server

Warning level: Critical

Microsoft has just issued emergency patches for 4 vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065) in Exchange Server. By exploiting these flaws, hackers can hijack the server, install malware and steal data. The flaws are rated critical, with a CVSS score of 9.1/10.

Hacker groups around the world are currently scanning for and attacking these flaws. As recorded by Bkav, many state agencies and banking and financial institutions in Vietnam are still using the vulnerable versions of Microsoft Exchange. Because the mail server is such an important system, the risk of exploitation is high.

We recommend that agencies and organizations urgently review their systems and apply the patches according to Microsoft's guidance.

Bkav

You can learn more about different severity levels

Zero-day vulnerabilities are discovered in operating systems or in software that is popular worldwide.

New and dangerous viruses emerge and spread rapidly worldwide (for instance: Code Red, Blaster, Conficker…).

Malicious attacks are performed by Vietnamese or global hackers (for instance: DDoS attacks aimed at Korean and US government websites, etc.).

Critical vulnerabilities are still being exploited at large scale though patches are already available.

Viruses or malicious attacks spread across a specific large community or region (for instance: all over Vietnam, South East Asia, etc.).

Viruses emerge that exploit new technology. Because defense systems are not yet ready and antivirus software has not been updated with new definitions, both individuals and enterprises are affected (for instance: the Skype wiretapping Trojan, a virus that infects Delphi Code Translator, etc.).

The vulnerabilities have already been patched and are being exploited only at small scale.

Cyber attacks and viruses spread at small scale.

There is no sign of cyber attacks or viruses spreading worldwide. Network systems are working fine.