Ransom-seeking hackers have begun taking advantage of a recently disclosed flaw in Microsoft’s widely used mail server software, a researcher said late Wednesday – a serious escalation that could portend widespread digital disruption, writes Raphael Satter for Reuters.
The disclosure, made on Twitter by Microsoft Corp security program manager Phillip Misner, is the realization of worries that have been coursing through the security community for days.
Since March 2, when Microsoft announced the discovery of serious vulnerabilities in its Exchange software, experts have warned that it was only a matter of time before ransomware gangs began using them to shake down organizations across the internet.
Misner didn’t immediately respond to follow-up messages and Microsoft did not return emails seeking comment.
The U.S. Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation also didn’t immediately respond.
Writing for The Hill, Rebecca Klar said After Microsoft’s warning, the Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to immediately investigate, patch or disconnect systems from the Microsoft email application.