Urgent Microsoft Exchange security update released
Microsoft has released an urgent update for Exchange Server in response to servers being actively attacked by a sophisticated threat actor. Organisations running Microsoft Exchange servers, particularly those directly exposed to the internet, are urged to patch these servers immediately. Exchange Online is not affected.
Microsoft Exchange Server versions:
Microsoft Exchange Server 2010 will also receive a patch despite being out of support.
What this means
Attackers are exploiting multiple vulnerabilities in order to gain access to Exchange servers with SYSTEM privileges, which can lead to data exfiltration and further network compromise.
What to look for
How to tell if you're at risk
If you are running Exchange Server version 2010, 2013, 2016 or 2019, and have not yet applied the updates released today.
How to tell if you're affected
For a full list of indicators of compromise, see the Microsoft Security blog.
Microsoft Security blog has further information about the attacks with Indicators of Compromise.
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.
For media enquiries, email our media desk at firstname.lastname@example.org or call the MBIE media team on 027 442 2141.