Multiple vulnerabilities were recently identified in Microsoft Exchange Server. These vulnerabilities are being exploited in the wild and some hackers public proof-of-concept (PoC) exploits for the security bugs. It is also reported that multiple hacking groups are actively exploiting the vulnerabilities to deploy ransomware.
Microsoft released a one-click Exchange On-premises Mitigation Tool (EOMT) tool to simple fix these vulnerabilities. Organisation should apply the fix to the affected Exchange Server immediately.
For details, please refer to the below link:
https://threatpost.com/microsoft-exchange-cyberattacks-one-click-fix/164817/
https://www.hkcert.org/security-bulletin/microsoft-exchange-server-multiple-vulnerabilities_20210303
https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
https://github.com/microsoft/CSS-Exchange/tree/main/Security