
Microsoft released several security updates for Microsoft Exchange Server to address vulnerabilities that have already been used in limited targeted attacks. Due to...
Authored by: Mark Shaffer
Microsoft released several security updates for Microsoft Exchange Server to address vulnerabilities that have already been used in limited targeted attacks. Due to the critical nature of these vulnerabilities, it is recommended that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem.
The vulnerabilities affect Microsoft Exchange Server. Exchange Online is not affected.
The identified vulnerable versions are:
- Microsoft Exchange Server 2013
- Microsoft Exchange Server 2016
- Microsoft Exchange Server 2019
Microsoft Exchange Server 2010 is being updated for Defense-In-Depth purposes.
These vulnerabilities can be strung together to create an attack chain. The initial attack requires the ability to make an unauthorized connection to the Exchange server port 443. This can be prevented by restricting unauthorized connections, or by setting up a VPN to separate the Exchange server from external access. Using this mitigation will only protect against the initial portion of the attack; other portions of the chain can be triggered if an attacker already has access or can convince an administrator to run a malicious file.
We recommend prioritizing installing updates on Exchange Servers that are externally facing. All affected Exchange Servers should be updated.
CISA Issues Emergency Directive and Alert on Microsoft Exchange Vulnerabilities | CISA
Want to learn more? Complete the form below and we'll be in touch. If you are unable to see the form below, please complete your submission here.Contact us