Microsoft has released security updates for Exchange 2013, Exchange 2016, and Exchange 2019 to fix some remote code execution vulnerabilities. It’s time to update your on-premises servers again, including those used for hybrid management. Let’s not give those nasty hackers any easy targets to attack.
This is the third article in a continuation of our weekly series celebrating the 10-year anniversary of Office 365. Microsoft MVP Nicolas Blank shares his experience as a Microsoft Certified Master for Exchange 2010, and how his world changed drastically over the past ten years as he followed Exchange into the Cloud.
The Hafnium attack on thousands of on-premises Exchange servers is a wake-up call for their administrators and the organizations using the email service. Ten years ago, it was a reasonable decision to stay on-premises. Five years ago, you could argue the same case and companies with bad network connectivity to the internet or specific security requirements were happy to stay on-premises. Now? In a world of increasing threat, staying on-premises looks a lot more risky. For most, it’s time to move to the cloud.
Microsoft has issued critical security updates for Exchange on-premises servers. The fixes close off four known vulnerabilities which expose Exchange to day-zero attacks. It’s important to apply these updates ASAP.
Microsoft has released new cumulative updates for Exchange Server 2016, Exchange Server 2013, and Exchange Server 2010 SP3 in June 2018.