Important: Steps to Remediate On-Premises Microsoft Exchange Servers Affected by Recent Hack

Keith Goedde | |

Microsoft announced this week that hackers exploited a bug in their email server software to target U.S. organizations.

Table of Content

    Microsoft 365 Version of Exchange Not Impacted.

    Microsoft announced this week that hackers exploited a bug in their email server software to target U.S. organizations. The vulnerabilities exist in on-premises Exchange Servers 2010, 2013, 2016, and 2019. Exchange Online is not affected.

    To minimize or avoid the impact, we recommend that you take immediate action to apply patches for any on-premises Exchange deployments.

    For the most effective remediation, prioritize the application of patches to servers that are accessible from the Internet (e.g., servers publishing Outlook on the web/OWA and ECP).

    To patch these vulnerabilities:

    1. Download the Exchange Server Health Checker script from GitHub (use the latest release).
    2. Run the script to see if you are behind on your on-premises Exchange Server updates (note that the script does not support Exchange Server 2010).
    1. Move to the latest Exchange Cumulative Updates
    2. Install the relevant security updates on each Exchange Server

    Even if you are not using on-premises Exchange servers, Velosio recommends your security team assess whether or not the vulnerabilities were being exploited by using the Indicators of Compromise shared here.

    For additional information, read more on the Microsoft blog.

    Uncategorized

    You may also find these interesting

    Velosio Celebrating an A+ Rating from Comparably LLM Terminology Cheat Sheet Go-Live Effective Planning and Cutover Controls Make All the Difference What is Supply Chain Orchestration and Why is it Important for Your Business? Navigating The Dynamics SL End of Life: The Road Ahead Amid Extended Mainstream Support