Microsoft has released emergency patches for four previously unknown vulnerabilities in Exchange Server. The flaws allow the extraction of mailbox contents and the installation of backdoors on vulnerable servers. Microsoft attributes the attacks to a Chinese APT group dubbed Hafnium that has a history of exploiting vulnerabilities in internet-facing servers. The group has targeted entities in the US including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs. Microsoft advises organizations to deploy newly released Exchange Server updates as soon as possible.”]