Microsoft urges administrators of on-premises Exchange servers to keep them patched and up-to-date, warning that attackers “never go away.”
In a blog post yesterday, the tech giant Exchange team advised customers to install the latest available Cumulative Updates (CUs) and Security Updates (SUs) on all servers and, in some cases, on Exchange management tools workstations. Advised me to install it.
CUs are designed to streamline the patching process by bundling multiple fixes into a single update. SU is mounted on it.
Both are cumulative, so organizations should only install the latest.
“Install the latest CU and then check if SU was released after the CU was released. If so, install the latest (latest) SU,” explained Microsoft.
At the time of writing, the latest version is CU12 for Exchange Server 2019, CU23 for Exchange Server 2016, CU23 for Exchange Server 2013, and the latest SU is January 2023 SU.
“Attackers who want to exploit unpatched Exchange servers will never go away. There are too many facets of value to a malicious person trying to do so,” warns Microsoft.
“First, user mailboxes often contain important and sensitive data. , job title, contact information, etc. And third, Exchange has deep hooks and permissions into Active Directory and, in hybrid environments, access to connected cloud environments. can.”
Attackers have exploited on-premises Exchange Server deployments multiple times in recent years, most notably the ProxyLogon attack in March 2021 and the ProxyNotShell bug patched in November 2022.
Microsoft urged system administrators to always run HealthChecker after installing the update to see if there are any additional manual tasks to perform.
Editorial Credit Icon Image: monticello / Shutterstock.com
