Microsoft has just released critical security updates for Exchange 2010, 2013, 2016, and 2019 to address a security vulnerability known as Hafnium. Note that Exchange Online servers were not affected, so if you are running your Exchange through Microsoft 365, you do not need to take action.
What Steps Should You Take Now
The first and most crucial step to take is to update your Exchange server to the latest release as soon as possible. Because this is a known security vulnerability, cybercriminals will be on the lookout for unpatched servers to exploit. Here are several tools from Microsoft to help you protect your business:
- Microsoft has an Exchange Server Health Checker tool to help you determine if your system is running the latest release with the security patch included. You can download this resource here. Note that this tool does not work on Exchange 2010, unfortunately.
- If not already there, please update to the latest Exchange Cumulative Update and then install the relevant security updates on each Exchange Server your business uses.
- Microsoft has shared several indicators of compromise that you can use to determine if your server was exploited. You can find them here.
If you are running several servers, Microsoft recommends prioritizing any server that is accessible through the internet (such as those that publish Outlook on the web, OWA, and ECP).
You can learn more about this situation on Microsoft's recent blog post announcing the updates.
Minimizing Risk in the Future
If you determine that your Exchange servers are out-of-date, once you have addressed the immediate concern, consider implementing a regular update cycle plan to ensure you get the latest security patches as soon as possible. Microsoft is constantly on the lookout for ways to protect you, but if you don't apply the update, you can't take advantage of them.
You may also consider hosting your Exchange through Microsoft 365, which is always updated to the latest security protocols as Microsoft releases them.
If you have any questions about this vulnerability or Microsoft services in general, feel free to reach out to Innovia Consulting for assistance. We're here to help!