Hafnium Hack – How to run the patches, with simple detailed instructions.

Hafnium Hack – How to run the patches, with simple detailed instructions.

Why make such a “How to”? 
Because all articles we found so far, talk about what to do, but none shows how to do it.

So let’s start.

1. HOW TO KNOW IF YOU ARE “INFECTED”

2. INSTALL THE LATEST CU

Before you can apply the “.msb” patch you need to have the latest CU already installed!

3. run your Exchange patch

After the CU is installed then you can run your Exchange patch.

4. Block suspicious IPs

According to Cisa.gov, a number of servers were reported as suspicious: https://us-cert.cisa.gov/ncas/alerts/aa21-062a

  • 103.77.192[.]219
  • 104.140.114[.]110
  • 104.250.191[.]110
  • 108.61.246[.]56
  • 149.28.14[.]163
  • 157.230.221[.]198
  • 167.99.168[.]251
  • 185.250.151[.]72
  • 192.81.208[.]169
  • 203.160.69[.]66
  • 211.56.98[.]146
  • 5.254.43[.]18
  • 5.2.69[.]14
  • 80.92.205[.]81
  • 91.192.103[.]43

For extra security we decided to block  the above IPs both for WAN and LAN traffic (incoming and outgoing connections) into our firewall.

After some hours we noticed WAN traffic coming in from those IPs: It seems they tried to see if the Exchange server was still available for whatever they intended to do..

latest posts

Automate log off process to improve the security of your computer

Hackers are criminals who gain unauthorized access to a network and devices, usually with the intent to steal sensitive data, such as financial information or company secrets.You can protect your...

Automate Creation of Serial Numbers In An Existing PDF Template

We received a request from a client, to automate the creation of Serial Numbers inside a PDF file.The PDF was a A3+ format and was designed in such a way...

How To Replace Accented Characters With Regular latin Characters ?

We got a request from a client, to convert the accented characters of multiple Excel files to plain Latin. Excel VBA is great and really handy but there is no...

Hafnium Hack – How to run the patches, with simple detailed instructions.

Why make such a “How to”? Because all articles we found so far, talk about what to do, but none shows how to do it.So let’s start. 1. HOW TO KNOW IF YOU...

OTHER PRODUCTS