Contact Sales: |   Support: | Pay My BillClient SupportLet’s Talk!

Exchange Server Vulnerability and Patch Management

By Matt Topper and Lindsay Smith

What Happened?

As you may have heard, Microsoft disclosed 4 Zero-Day vulnerabilities in its Exchange server software that essentially allowed full access to Exchange servers without a password.  A Zero-Day vulnerability is a security flaw that is unknown to the software vendor until exploited and does not have a fix until the vendor is able to develop one.  These vulnerabilities were discovered in early January 2021 and Microsoft released an update in early March 2021 to remedy the issue.  Multiple investigations from independent researchers found that threat actors were actively taking advantage of the exchange server vulnerability prior to the release of the update in March 2021.  Though many organizations have installed the updates, Microsoft indicated that there were over 80,000 unpatched Exchange servers as of March 12th, 2021. For additional information, see Microsoft’s article about protecting on-premises Exchange Servers against recent attacks.

Who’s At Risk?

Organizations who still use an on-premises Microsoft Exchange Server. 

Who’s Not At Risk?

Organizations who use a third-party email provider such as Microsoft Office 365, Gmail, Rackspace, etc…

Iconic Clients – Rest assured, all Exchange Servers have already received the update required to remedy these vulnerabilities.  We coordinated with all clients to update the Exchange servers at our clients’ earliest availability when the update was released.  We investigated all Exchange servers for signs of compromise and found that 14% of the Exchange servers we manage were impacted by this.  These clients were immediately contacted, and their servers have since been remediated promptly.  In most cases, we facilitated an immediate migration to Microsoft Office 365.

I’m Not An Iconic IT Customer – Am I At Protected?

We recommend ensuring you install the update on any Exchange servers in your environment.  The update requires minimum patch levels, so please be aware, there may be additional updates required before this security update can be installed. 

No.  Since the update was released well after the issue was discovered, simply installing the patch is not enough.  You should investigate the Microsoft Exchange Servers that you manage even if they were updated as soon as the patch was released.  Reference Microsoft’s guidance for responders.

Iconic IT Is Here To Help

Security issues like the Microsoft Exchange server vulnerability can be scary. One of the biggest responsibilities of managed IT service providers is to make sure their clients’ networks are updated routinely. At Iconic IT, patch management is a standard part of our cybersecurity strategy to keep your network protected. To learn more about how Iconic IT can help protect your business, request a 10-minute consultation today!

Not sure if your business is at risk? Download our comprehensive DIY Cybersecurity Assessment, included in our Cybersecurity Essentials Kit.

Cybersecurity Essentials Kit

RECENT BLOG POST

Computers Blog

Exchange Server Vulnerability and Patch Management

Microsoft’s Exchange server vulnerability to 4 zero-day security flaws may leave your business at risk. Learn more about this threat.
Read Post
Computers Blog

Six Tips for Cultivating a Positive Remote Work Culture

Today’s remote employee is independent, productive, aligned with their employer’s remote work culture, and has a perfect work-life balance. Right? Not so fast.
Read Post
charity donations Blog

Identifying Mission Friendly Vendors: What You Don’t Know Can Hurt You

Not all for-profit corporations will have your mission’s best interests at heart. In fact, some vendors can be harmful to your NPO. How can you identify mission friendly vendors that will help you move your vision forward?
Read Post