Microsoft security flaw could cause trouble for 20,000 US companies

By: |
March 08, 2021 7:25 PM

Hafnium has been at work since January, breaking into the servers of the email remotely and quietly emptying the inboxes of these organisations.

Microsoft has published ways to fix these vulnerabilities.

Microsoft security: A security flaw in a Microsoft software has put 20,000 companies in the US at risk as hackers behind the digital intrusion are breaking into the server and getting access to the data of the US and Europe-based organisations. Experts opined that soon other cybercriminals could clone these tools used to break in, potentially further endangering the clients using Microsoft’s Exchange email and calendar software. The group which is using these tools has been called Hafnium by Redmond, and it has exploited four previously unknown vulnerabilities. Hafnium is allegedly a Chinese group.

Hafnium has been at work since January, breaking into the servers of the email remotely and quietly emptying the inboxes of these organisations without even having to send any malicious email or attachment.

As per reports, while Norwegian authorities said that their country had witnessed a limited use of these tools, Prague municipality and Czech Labour and Social Affairs Ministry were affected by the attack. Officials have said that the hackers were using the technique with ease, meaning that they have had a “free buffet” since they began this attack back in January.

While Hafnium is a major cause of concern, what’s adding to the problems is the fact that others could also clone these tools and join the attack.

Microsoft has published ways to fix these vulnerabilities, however, and the users in the US have been asked by the government to update their software to fix this issue. But, not everyone is updating the software in practice.

Now, with the help of these fixes, other hackers are trying to reverse engineer the tools that Hafnium must have used, in a bid to find how they would be able to appropriate these tools for their own selves and exploit the updated system.

If these hackers are able to succeed, the attacks could get even more aggressive, experts believe.

Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, Check out latest IPO News, Best Performing IPOs, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.

Next Stories
1Idea Exchange | Disproportionate energy on tech firms vs govt narrative. The conversation must happen but not framed as a daily debate: Ajit Mohan, MD, Facebook India
2PlayStation 5 versus Xbox Series X: Seagate storage expansion card tips the scales in Microsoft’s favour
3Google Play Store revises content policy, places ‘sugar dating’ apps under ban