• Home
  • E-Suite
    • E-Visor
    • E-Visor Teams App
    • E-Vigilant
    • E-Inspector
    • E-Cryptor
    • E-Migrator
    • Resources
  • Services
    • Managed Services
  • Solutions
    • Advanced Compliance
    • Secure Communications
    • Device Management
    • Threat Response
    • Identity Optimization
    • Information Protection
    • Resources
  • Offerings
    • E-Suite ofertas de descubrimiento
    • Workshops & Trainings
    • Assessments
    • Architecture design session
    • Proof of concept
    • Managed Services
    • Resources
  • Webinars
  • About us
    • News and events
    • Careers
    • Partners
    • Microsoft FastTrack Ready Partner
    • Personal data processing policy
    • Terms & Conditions
    • Support
  • Blog
  • Mar 3
  • Comments (0)

Microsoft: Security Alert – MS Exchange Server Patch Alert

Today Microsoft announced vulnerabilities which exist in on-premises Exchange Servers 2010, 2013, 2016, and 2019 and which need to be address immediately. Exchange Online is not affected.

To minimize or avoid impacts of this situation, Microsoft highly recommends that clients take immediate action to apply the patches for any on-premises Exchange deployments they have or are being managed by partners or to receive the steps they need to take to mitigate. The priority being servers which are accessible from the Internet (e.g., servers publishing Outlook on the web/OWA and ECP). 

To patch these vulnerabilities, clients should move to the latest Exchange Cumulative Updates and then install the relevant security updates on each Exchange Server. 

 

  • You can use the Exchange Server Health Checker script, which can be downloaded from GitHub (use the latest release).
  • Running this script will tell you if you are behind on your on-premises Exchange Server updates (note that the script does not support Exchange Server 2010). 
  • We also recommend that your security team assess whether or not the vulnerabilities were being exploited by using the Indicators of Compromise we shared here.


Exchange patch information

  • March 2, 2021 Security Update Release – Release Notes – Security Update Guide – Microsoft
  • CVE-2021-26855| Microsoft Exchange Server Remote Code Execution Vulnerability (public) 
  • CVE-2021-26857| Microsoft Exchange Server Remote Code Execution Vulnerability (public) 
  • CVE-2021-26858| Microsoft Exchange Server Remote Code Execution Vulnerability (public) 
  • CVE-2021-27065| Microsoft Exchange Server Remote Code Execution Vulnerability (public) 

 

We at Synergy Advisors are committed to working with clients through this issue so please let us know if you need help ASAP. 

  • Share:
Previous Article: New E-Visor Teams App Basic and AADP Better Together Capabilities 1/2
Next Article New E-Visor Teams App Basic and AADP Better Together Capabilities 2/2

Categories

  • Awards and Recognitions
  • Blog
  • Collaboration
  • General News
  • Solutions
  • Webinars

Recent Posts

  • Beyond the cybersecurity trends that 2023 brings us
  • Right-size permissions across a multi-cloud environment
  • Cybersecurity talent shortage: how to solve a growing problem?
  • E-Suite
  • E-Visor Teams App
  • E-Cryptor
  • E-Inspector
  • E-Migrator
  • E-Vigilant

Contact Us

Have any questions? Reach us at (+1) 425-689-3310 or fill out the form at https://synergyadvisors.biz/support/

©2020 Synergy Advisors LLC. ALL RIGHTS RESERVED.