Microsoft warns customers to patch their Exchange servers because attackers always exploit unpatched installations.
Microsoft published a post urging customers to secure their Exchange servers because attackers are actively seeking to exploit vulnerabilities in unpatched installations. IT giants recommend installing the latest Cumulative Updates (CUs) and Security Updates (SUs) available for their Exchange servers.
“There are too many aspects of an unpatched on-premises Exchange environment that are valuable to bad actors looking to exfiltrate data or commit other malicious acts.” reads post Published by Microsoft. “First, user mailboxes often contain important and sensitive data. Second, every Exchange server contains a copy of the company’s address book, which provides a lot of useful information for social engineering attacks, such as organizational structure, job titles, and contact information. Third, Exchange has deep hooks and permissions within Active Directory and access to connected cloud environments in a hybrid environment.”
Attackers can exploit vulnerabilities in unpatched installations to steal sensitive information contained in user mailboxes, gather intelligence on target activity, or gain access to connected cloud environments.
After installing the update, we recommend that administrators take some manual action. Microsoft recommends running: health checker After installing the update, check these actions. The health checker provides links to articles that provide step-by-step instructions.
The IT giant pointed out that mitigation is designed to provide: temporary protection However, until the SU is available, it may not be sufficient to protect against all variant attacks, so installing the SU is essential.
Below is a list of recommendations provided by the company.
- Always read blog post announcements, mentioning known issues and recommended or required manual actions. For CU, always: Guidelines and Best PracticesFor SU Security Update Guide to find relevant information.
- Review the update FAQ in the article. Why Exchange Server updates are important.
- use Exchange Server Health Checker Make a list of servers, check which Exchange servers (CU or SU) need updating, and see if any manual action needs to be taken.
- When you know what updates are needed Exchange Update Step-by-Step Guide (Also known as the Exchange Update Wizard) Select the currently running CU and the target CU and get instructions for updating your environment.
- If an error occurs during update installation SetupAssist Scripts can help solve these problems. And if there are parts that do not work properly after the update, Update troubleshooting guideWe cover the most common problems and solutions.
- You must install all necessary updates for Windows Server and any other software that may be running on your Exchange server.
- Be sure to install all necessary updates on your dependency servers, including Active Directory, DNS, and other servers used by Exchange.
Follow me on Twitter: @securityaffairs And Facebook And Mastodon
(security work – Hacking, Microsoft Exchange Server)
share