Important: Steps to Remediate On-Premises Microsoft Exchange Servers Affected by Recent Hack

Keith Goedde | |

Microsoft announced this week that hackers exploited a bug in their email server software to target U.S. organizations.

Table of Content

    Microsoft 365 Version of Exchange Not Impacted.

    Microsoft announced this week that hackers exploited a bug in their email server software to target U.S. organizations. The vulnerabilities exist in on-premises Exchange Servers 2010, 2013, 2016, and 2019. Exchange Online is not affected.

    To minimize or avoid the impact, we recommend that you take immediate action to apply patches for any on-premises Exchange deployments.

    For the most effective remediation, prioritize the application of patches to servers that are accessible from the Internet (e.g., servers publishing Outlook on the web/OWA and ECP).

    To patch these vulnerabilities:

    1. Download the Exchange Server Health Checker script from GitHub (use the latest release).
    2. Run the script to see if you are behind on your on-premises Exchange Server updates (note that the script does not support Exchange Server 2010).
    1. Move to the latest Exchange Cumulative Updates
    2. Install the relevant security updates on each Exchange Server

    Even if you are not using on-premises Exchange servers, Velosio recommends your security team assess whether or not the vulnerabilities were being exploited by using the Indicators of Compromise shared here.

    For additional information, read more on the Microsoft blog.

    Ransomware & Cybersecurity
    Conference
    Dynamic Communities Summit ’23
    October 15-20, 2023
    Learn More
    Advanced Projects for D365 Business CentralAgribusinessAnalytics, Business Intelligence & WorkflowsAXIO Advanced ProjectsAXIO for Dynamics 365 FinanceBusiness ProductivityCloudCommercial HVACData FabricDealer ManagementDistributionDynamics 365 Business CentralDynamics 365 Customer Engagement & Dynamics CRMDynamics 365 ERPDynamics 365 Finance and OperationsDynamics AXDynamics GPDynamics NAVDynamics SLEnterprise Resource Planning (ERP)Field ServiceGenerative AIIndustry InsightsMarketing AutomationMicrosoft (Office) 365Microsoft CopilotNon-ProfitOn-Premises DynamicsPower AppsPower AutomatePower BIPower PlatformProject Centric BusinessProject Service AutomationRansomware & CybersecurityRestaurant Equipment DistributionSharePoint
    Illustration of No-Code, Low-Code Platform

    Power Apps and Copilot — Low Code, No Code, Smart Code

    Daryl Moll

    Recently, Microsoft began introducing its generative AI tool, Copilot, into each of the Microsoft Power Platform’s components, and we’re breaking down each introduction in this series of Copilot for Power Platform posts. Microsoft Power Apps is a suite of low-code and no-code development tools that allows you to create custom business applications and automate workflows.…
    LEARN MORE
    Speed Order Entry and Multi-Order Management are just two of the helpful features you can find in SilverLeaf

    Speed Order Entry and Multi Order Management for Greenhouse Growers

    Sara Silver

    For greenhouse growers, your sales order processes have a big impact on your customers. The faster you process orders, the sooner they receive your products. And by managing open orders efficiently, you can make sure they arrive on time. You also free up time for your sales team to provide better service to your customers.…
    LEARN MORE
    Person Working at a Laptop With a Virtual Agent Displayed in the Air

    Power Virtual Agents and Copilot — Your Agent of Change

    Daryl Moll

    We’ve been working our way through the introduction of Microsoft Copilot into Power Platform, highlighting the features and functionalities this generative AI tool brings to each application within the platform, including Power Automate, Power Apps, Power Pages, Power BI, and Power Virtual Agents. Here, we’ll showcase how Copilot in Power Virtual Agents may be the…
    LEARN MORE