Original release date: March 6, 2021
Microsoft has released an updated script that scans Exchange log files for indicators of compromise (IOCs) associated with the vulnerabilities disclosed on March 2, 2021.
CISA is aware of widespread domestic and international exploitation of these vulnerabilities and strongly recommends organizations run the Test-ProxyLogon.ps1 script—as soon as possible—to help determine whether their systems are compromised. For additional information on the script, see Microsoft’s blog HAFNIUM targeting Exchange Servers with 0-day exploits.
For more information about these vulnerabilities and how to defend against their exploitation, see:
This product is provided subject to this Notification and this Privacy & Use policy.
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA, in collaboration with the Federal Bureau of Investigation, the United Kingdom’s National Cyber Security…
CISA released two Industrial Control Systems (ICS) advisories on October 2, 2025. These advisories provide…
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released ten Industrial Control Systems (ICS) advisories on September 30, 2025. These advisories provide…
This website uses cookies.