A Chinese national, Xu Zewei, has been extradited to the US from Italy and formally charged for his alleged role in the Silk Typhoon attacks, which compromised nearly 13,000 US organizations during the pandemic. The attacks exploited zero-day vulnerabilities in Microsoft Exchange Server to steal COVID-19 research, with Xu and his co-conspirators allegedly directed by China's intelligence services. The exploits targeted Microsoft Exchange Server, highlighting the importance of prompt patching to prevent similar attacks. The Justice Department's charges against Xu mark a significant development in the case, which involved the exploitation of multiple zero-day vulnerabilities1. The extradition and charges against Xu demonstrate the US government's commitment to holding foreign actors accountable for cyberattacks on American organizations. So what matters to practitioners is that zero-day activity targeting Microsoft means patching windows are already closing, making it essential to assess exposure immediately.