Major vulnerabilities in Microsoft Exchange require immediate action
If you haven’t patched your Exchange servers yet, do so now.
Microsoft and many others have confirmed that the recently discovered
vulnerabilities in Exchange Server are being actively exploited by state
actors and criminals alike.
The vulnerabilities compromise all email
traffic, and therefore by proxy also a huge number of other external
applications that use email as a medium for password resets or second
factors for login. Of course, that is on top of also being a potential
stepping stone into the internal network of a company.
To get more information on the patches, please visit the following link: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
Secura has confirmed , there were many (1500+) vulnerable servers in the Dutch IP space alone, including government, healthcare and critical infra. Secura would like to stress the fact that patching internet-facing servers these days has to be extremely reactive: same-day responses are necessary to prevent compromise. Moreover, companies should question whether they want such servers publicly accessible in the first place. Secura recommends placing such infrastructure behind an strongly authenticated VPN in order to prevent unauthorized access. Other cybersecurity companies have confirmed that the situation outside of The Netherlands is no different with many thousands of companies being vulnerable. If you have questions on how to secure your infrastructure or applications, please contact Secura and send us an email via: firstname.lastname@example.org