This past week, security researchers discussed several ProxyShell vulnerabilities, including those which might be exploited on unpatched Exchange servers to deploy ransomware or conduct other post-exploitation activities. If you have installed the May 2021 security updates or the July 2021 security updates on your Exchange servers, then you are protected from these vulnerabilities. Exchange Online customers are also protected (but must make sure that all hybrid Exchange servers are updated).
But if you have not installed either of these security updates, then your servers and data are vulnerable. As we have said several times, it is critical to keep your Exchange servers updated with latest available Cumulative Update (CU) and Security Update (SU).
Your Exchange servers are vulnerable if any of the following are true:
In all of the above scenarios, you must install one of latest supported CUs and all applicable SUs to be protected. Any Exchange servers that are not on a supported CU and the latest available SU are vulnerable to ProxyShell and other attacks that leverage older vulnerabilities.
Our recommendation, as always, is to install the latest CU and SU on all your Exchange servers to ensure that you are protected against the latest threats. Please update now!
The Exchange Team
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.