Today is a dangerous day for companies that have on-premises versions of Microsoft Exchange Server. Yesterday, March 2, Microsoft announced that it detected multiple 0-day exploits being used in limited and targeted attacks, which means that the hackers know they only have a couple of days left to exploit the hack until the vulnerability is patched.

Microsoft said it believes that Hafnium, “a group assessed to be state-sponsored and operating out of China,” carried out the attacks. Microsoft did not offer evidence supporting the assessment, but said the “state-sponsored” actor was identified by the Microsoft Threat Intelligence Center based on observed “tactics and procedures.”

If you’ve read this far, you should take a moment to ask your IT people if they are aware of the threat. While it has been widely publicized, it has also been made political… which it may be, but that doesn’t mean anything in this context. Make sure your on-premises Microsoft Exchange Server instances are patched and up to date.

Author’s note: This is not a sponsored post. I am the author of this article and it expresses my own opinions. I am not, nor is my company, receiving compensation for it.

About Shelly Palmer

Shelly Palmer is the Professor of Advanced Media in Residence at Syracuse University’s S.I. Newhouse School of Public Communications and CEO of The Palmer Group, a consulting practice that helps Fortune 500 companies with technology, media and marketing. Named LinkedIn’s “Top Voice in Technology,” he covers tech and business for Good Day New York, is a regular commentator on CNN and writes a popular daily business blog. He's a bestselling author, and the creator of the popular, free online course, Generative AI for Execs. Follow @shellypalmer or visit



PreviousZoom's Financials and Innovation NextNet Neutrality in 3 Minutes

Get Briefed Every Day!

Subscribe to my daily newsletter featuring current events and the top stories in technology, media, and marketing.