On March 2, 2021, Microsoft announced an active zero-day exploitation by a state-sponsored threat actor group of four vulnerabilities present on 2010, 2013, 2016 and 2019 on-premises Exchange servers.