The Hafnium attack on thousands of on-premises Exchange servers is a wake-up call for their administrators and the organizations using the email service. Ten years ago, it was a reasonable decision to stay on-premises. Five years ago, you could argue the same case and companies with bad network connectivity to the internet or specific security requirements were happy to stay on-premises. Now? In a world of increasing threat, staying on-premises looks a lot more risky. For most, it’s time to move to the cloud.
Microsoft has issued critical security updates for Exchange on-premises servers. The fixes close off four known vulnerabilities which expose Exchange to day-zero attacks. It’s important to apply these updates ASAP.