Microsoft Exchange Hack:
What You Need to Know and How You Can Remain Protected

On March 2nd, 2021, Volexity reported the in-the-wild exploitation of the following Microsoft Exchange Server vulnerabilities: CVE-2021-26855CVE-2021-26857CVE-2021-26858, and CVE-2021-27065. Further investigation uncovered that an attacker was exploiting a zero-day and used in the wild. The attacker was using the vulnerability to steal full contents of several user mailboxes. This vulnerability is remotely exploitable and does not require authentication or special knowledge or access to a specific environment. Our teams are working across the board, side-by-side with other industry leaders, to provide the best protection against these attacks.


MS Exchange vulnerabilities hero floater

Exchange Attacks

Attacks Targeting
Microsoft Exchange:
Check Point Customers Remain Protected

Based on signatures and indicators observed, Check Point is making sure its customers are protected against those exploits. In addition, we recommend immediately updating all Microsoft Exchange Servers to the latest patched versions available by Microsoft. Check Point is closely monitoring the situation and will provide further updates if needed.


Incident Response Services

At any moment, day or night, your organization can be victimized by devastating cybercrime. You can’t predict when cyberattacks will happen, but you can use proactive incident response to quickly mitigate its effects or prevent them altogether.


the Four Zero-day Microsoft Exchange

Exploits on Organizations Worldwide Grow Tenfold after Microsoft’s Revelation

  • CPR has seen thousands of exploit attempts against organizations worldwide.
  • CPR has observed that the number of attempted attacks have increased tenfold from 700 on March 11 to over 7,200 on March 15.
  • The country most attacked has been The United States (17% of all exploit attempts), followed by Germany (6%), the United Kingdom (5%), The Netherlands (5%) and Russia (4%).
  • Most targeted industry sector has been Government/Military (23% of all exploit attempts), followed by Manufacturing (15%), Banking & Financial Services (14%), Software vendors (7%) and Healthcare (6%).

Intrusion Prevention System (IPS)

Intrusion Prevention Systems detect or prevent attempts to exploit weaknesses in vulnerable systems or applications, protecting you in the race to exploit the latest breaking threat. Check Point IPS protections in our Next Generation Firewall are updated automatically. Whether the vulnerability was released years ago, or a few minutes ago, your organization is protected.


Intrusion Prevention Systems

CPR logo

Fighting Cyber-Crime One Research at a Time

Check Point Research publications and intelligence sharing fuel the discovery of new cyber threats and the development of the international threat intelligence community to keep you secure.


Subscribe to the Check Point Research Feed

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.