A new Exchange vulnerability has been disclosed this week known as ProxyToken that allows someone who can access an Exchange 2013, 2016 or 2019 server over HTTPS to perform configuration actions against mailboxes of their choosing, such as setting forwarding rules. Find out what you need to do to protect your organization.
Microsoft has released security updates for Exchange 2013, Exchange 2016, and Exchange 2019 to fix some remote code execution vulnerabilities. It’s time to update your on-premises servers again, including those used for hybrid management. Let’s not give those nasty hackers any easy targets to attack.
Microsoft has delayed the release of the June 2021 cumulative updates for Exchange Server for two weeks to integrate the Windows Antimalware Scan interface (AMSI). The change will allow Exchange 2016 and Exchange 2019 servers running on Windows Server 2016 or later to integrate antimalware engines to check HTTP requests for potential problems. If ever there was good reason to delay an update, this is it.
The Hafnium attack on thousands of on-premises Exchange servers is a wake-up call for their administrators and the organizations using the email service. Ten years ago, it was a reasonable decision to stay on-premises. Five years ago, you could argue the same case and companies with bad network connectivity to the internet or specific security requirements were happy to stay on-premises. Now? In a world of increasing threat, staying on-premises looks a lot more risky. For most, it’s time to move to the cloud.
Microsoft has issued critical security updates for Exchange on-premises servers. The fixes close off four known vulnerabilities which expose Exchange to day-zero attacks. It’s important to apply these updates ASAP.