Home / Tech / News / US remains the top country affected by Microsoft’s zero-day bugs

US remains the top country affected by Microsoft’s zero-day bugs

These vulnerabilities allow an attacker to read emails from an Exchange server without authentication or accessing an individual’s email account.

Most targeted industry sector has been Government/Military (27% of all exploit attempts), followed by Manufacturing (22%), and then Software vendors (9%). Most targeted industry sector has been Government/Military (27% of all exploit attempts), followed by Manufacturing (22%), and then Software vendors (9%).
Most targeted industry sector has been Government/Military (27% of all exploit attempts), followed by Manufacturing (22%), and then Software vendors (9%). (CPR)

Microsoft, earlier this month, revealed four vulnerabilities affecting its Microsoft Exchange Servers. These vulnerabilities not only enable hackers to run a code on the Microsoft Exchange Servers but also write a path on the server. Now, a new report by Check Point Research says that in the past 72 hours, attacks on organisations on Microsoft Exchange Server have multiplied by more than six times.

The country most attacked has been The United States (21% of all exploit attempts), followed by The Netherlands (12%) and Turkey (12%).
The country most attacked has been The United States (21% of all exploit attempts), followed by The Netherlands (12%) and Turkey (12%). (CPR)

The report also talks about the industries most affected by hacks. The report says that with 27% of the exploit attempts, government and military remain the most affected industry, followed by manufacturing with 22% of exploit attempts and software vendors with 9% of exploit attempts. Interestingly, education remains the fourth most affected sector with roughly six percent of the exploit attempts.

To give you a quick brief about the vulnerabilities, Microsoft on March 3 released an emergency patch for its Exchange Server product. This patch fixed four vulnerabilities, which includes CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065.

More From This Section

These vulnerabilities allow an attacker to read emails from an Exchange server without authentication or accessing an individual’s email account. They also enable attackers to completely take over the mail server itself. Once an attacker takes over the Exchange server, they can open the network to the internet and access it remotely. Microsoft has already released an emergency patch to fix these vulnerabilities so your data is safe now.

Follow HT Tech for the latest tech news and reviews, also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.