Microsoft Exchange Server Multiple CVE's

Vendor: Microsoft

Product: Exchange Server 2010, 2013, 2016 & 2019 Date: 4th March 2021

Target: SecOps, SysOps, IT Managers, IT Directors

What's new

Microsoft has released patches for multiple different on-premises Microsoft Exchange Server zero-day vulnerabilities that are being exploited by a nation-state affiliated group.

How does this affect me?

  • These exploits would allow a malicious actor to silently steal data and potentially gain control of your network.
  • The exploit is most prominent in the web-facing Exchange Server components.
  • Customers using Office 365 Exchange Online are not affected by these CVE(s).
  • Customers using Exchange in Hybrid Mode with Exchange Online are affected by these CVE(s).

What do I need to do?

  • Immediately patch Exchange Server with the newly released patches from Microsoft.
  • Datcom will patch all Fully Managed customers.
  • If you have any questions please contact your Account Manager.

References

Get in touch

Call us on 0333 000 3210 or Email us solutions@datcom.co.uk

Latest news...

Log4Shell Vulnerability

A vulnerability has been discovered in a piece of software called "Log4j". This software, developed by Apache, is in millions of other applications to process logging information. Some high-profile use cases are the video game Minecraft, Apple iCloud, Amazon, Twitter, Tesla, the list goes on.

Read More

The Silent Auction is here!

We have a collection of amazing lots to bid for – all kindly donated by East Midland businesses and individuals. Take a look, see what you fancy and make your best offer.

Read More