Contact Sales:| Support:| Pay My BillClient SupportLet’s Talk!
Exchange Server Vulnerability and Patch Management
By Matt Topper and Lindsay Smith
As you may have heard, Microsoft disclosed 4 Zero-Day vulnerabilities in its Exchange server software that essentially allowed full access to Exchange servers without a password. A Zero-Day vulnerability is a security flaw that is unknown to the software vendor until exploited and does not have a fix until the vendor is able to develop one. These vulnerabilities were discovered in early January 2021 and Microsoft released an update in early March 2021 to remedy the issue. Multiple investigations from independent researchers found that threat actors were actively taking advantage of the exchange server vulnerability prior to the release of the update in March 2021. Though many organizations have installed the updates, Microsoft indicated that there were over 80,000 unpatched Exchange servers as of March 12th, 2021. For additional information, see Microsoft’s article about protecting on-premises Exchange Servers against recent attacks.
Who’s At Risk?
Organizations who still use an on-premises Microsoft Exchange Server.
Who’s Not At Risk?
Organizations who use a third-party email provider such as Microsoft Office 365, Gmail, Rackspace, etc…
Iconic Clients – Rest assured, all Exchange Servers have already received the update required to remedy these vulnerabilities. We coordinated with all clients to update the Exchange servers at our clients’ earliest availability when the update was released. We investigated all Exchange servers for signs of compromise and found that 14% of the Exchange servers we manage were impacted by this. These clients were immediately contacted, and their servers have since been remediated promptly. In most cases, we facilitated an immediate migration to Microsoft Office 365.
I’m Not An Iconic IT Customer – Am I At Protected?
We recommend ensuring you install the update on any Exchange servers in your environment. The update requires minimum patch levels, so please be aware, there may be additional updates required before this security update can be installed.
No. Since the update was released well after the issue was discovered, simply installing the patch is not enough. You should investigate the Microsoft Exchange Servers that you manage even if they were updated as soon as the patch was released. Reference Microsoft’s guidance for responders.
Iconic IT Is Here To Help
Security issues like the Microsoft Exchange server vulnerability can be scary. One of the biggest responsibilities of managed IT service providers is to make sure their clients’ networks are updated routinely. At Iconic IT, patch management is a standard part of our cybersecurity strategy to keep your network protected. To learn more about how Iconic IT can help protect your business, request a 10-minute consultation today!
Not sure if your business is at risk? Download our comprehensive DIY Cybersecurity Assessment, included in our Cybersecurity Essentials Kit.