Microsoft released security patches last week after disclosing that Chinese hackers had gained access to users' accounts through vulnerabilities on its Exchange Server email software. As Exchange is still used widely around the world, it could lead companies to spend more on security and move to cloud-based email instead of running their own email servers.

A Guardian report from Monday said that the Biden administration was launching an emergency taskforce to address the cyberattack.

Here’s all that you need to know about the cyberattacks:

Microsoft disclosed on March 2 about vulnerabilities on its Exchange Server email software for corporate and government data centres. Following this, it released patches for Exchange 2010, 2013, 2016 and 2019 versions.

Following the breach, Microsoft deviated from its schedule of releasing updates on Tuesday — the second Tuesday of each month. This month, the announcement about the attacks on the Exchange software came on the first Tuesday.

Besides, Microsoft issued a patch for the 2010 edition, even as its support ended in October. "This means the vulnerabilities, the attackers exploited, have been in the Exchange Server code base for more than 10 years," security blogger Brian Krebs wrote on Monday.

Microsoft said Hafnium, based in China, is the main group exploiting the vulnerabilities.

When did the attacks start?

The attacks started in early January, according to security company Volexity and Microsoft had identified some of the issues.

Will the flaws affect Office 365?

No.

What are the attackers targeting?

The group aimed to gain information from defence contractors and schools among other entities in the US, a senior Microsoft official wrote in a blog. According to security company FireEye, the victims also include US retailers. The city of Lake Worth Beach was also a target, says Palm Beach Post. The European Banking Authority said it had been hit too.

Last Friday, the Wall Street Journal published that there could be 2,50,000 or more victims.

Will the patches banish attackers from compromised systems?

Although Microsoft said no, the company is asking customers to install the security patches it delivered last week, immediately. That apart, it has released information to help customers know if their networks had been hit. On Monday (March 8), the company also released security patches for the versions of Exchange Server that did not have the most recent available software updates.

What are the implications?

Interestingly, the cyberattacks could be beneficial for Microsoft, because the company also makes security software that clients may want to start using because of the cyberattacks. However, many Microsoft customers have switched to cloud-based email, while some organisations rely on Google’s cloud-based Gmail, which is not affected by the Exchange Server flaws.