Microsoft warns even patched Exchange servers can still be attacked

Microsoft’s analysis of the series of attacks that exploit the now-fixed zero-day vulnerabilities on Exchange servers reveals that the threat doesn’t end simply by applying patches.

Chinese state-sponsored threat actor Hafnium was blamed for being the first to exploit the vulnerabilities known as ProxyLogon vulnerabilities. Utilities such as Microsoft’s one-click tool has helped ensure that over 90% servers, several at small business that lack dedicated IT and security teams, have now plugged the vulnerabilities. However, the threat is far from over.