Does your organisation run a Microsoft Exchange Server? If so read on!
Microsoft has detected multiple zero day exploits attacking on-premises versions of Microsoft Exchange Server. In these attacks, the threat actor accesses on-premises Exchange servers (and the associated email accounts) and installs additional malware to retain unauthorized access to the environment.
What is Affected?
The vulnerabilities affect Microsoft Exchange Server. Exchange Online is NOT affected.
The versions affected are:
- Microsoft Exchange Server 2013
- Microsoft Exchange Server 2016
- Microsoft Exchange Server 2019
What to Do
If you run any of the affected versions, IMMEDIATELY apply these updates to affected systems to protect against these exploits. Externally facing Exchange servers should be updated first and then update all affected Exchange Servers.
When you purchase one of our cyber insurance policies you’ll receive vital cybersecurity updates such as this and online training courses to keep your employees up-to-date with the current cyber threats.