Microsoft Announce Critical Security Update for Microsoft Exchange

Published: 9 March 2021

On March 2nd Microsoft announced that four critical security vulnerabilities had been identified in Microsoft Exchange Server versions 2013 to 2019. Recently released data shows that these vulnerabilities may have been actively exploited since January 2021 and current estimates are that 30,000 organisations in the United States alone, may have been impacted.

To mitigate further risk of exploitation, our technical support teams are pro-actively contacting potentially impacted clients to arrange for essential security updates to be applied. If you are running an on-premise version of Microsoft Exchange and you haven’t heard from us, please contact our technical support team (https://support.xperience-group.com) for further assistance.

Security as a Service Clients – Cisco released updated threat detection rule sets on March 3rd, which were automatically deployed to our Security as a Service Platforms. Our Security Teams continue to monitor the situation and further defensive measures will be deployed as required.

Microsoft Office 365 Users – Microsoft has confirmed that Exchange Online services are not affected by these vulnerabilities.

If you’re concerned about the impact of this incident, or should you wish to enquire about our comprehensive security solutions, please contact your client account manager or click here to request a call back.

Microsoft Support Articles
HAFNIUM targeting Exchange Servers with 0-day exploits
Microsoft Exchange Server Vulnerabilities Mitigations
March 2021 Exchange Server Security Updates

Read More

What is “Going Serverless” and what are the benefits?

28 March 2024

Find out the benefits of Serverless Computing in our blog.

The Power of CRM and Marketing Automation Integration

21 March 2024

CRM and Marketing Automation: Find out more on how to take your customer relationships to the next level in our blog.

Microsoft Intune and Autopilot – What are the key feat...

20 March 2024

Find out about the key features of Microsoft Intune and Autopilot in our latest blog, helping Device Management and Set up.

MFA: why you need additional Cyber Security defence  

14 March 2024

MFA (Multi Factor Authentication) is a great tool for adding an extra cyber protection, however it's not enough on its own.

Is an annual penetration test really necessary?

13 March 2024

Read more...