Microsoft Exchange Server Multiple CVE's

Vendor: Microsoft

Product: Exchange Server 2010, 2013, 2016 & 2019 Date: 4th March 2021

Target: SecOps, SysOps, IT Managers, IT Directors

What's new

Microsoft has released patches for multiple different on-premises Microsoft Exchange Server zero-day vulnerabilities that are being exploited by a nation-state affiliated group.

How does this affect me?

These exploits would allow a malicious actor to silently steal data and potentially gain control of your network.

The exploit is most prominent in the web-facing Exchange Server components.

Customers using Office 365 Exchange Online are not affected by these CVE(s).

Customers using Exchange in Hybrid Mode with Exchange Online are affected by these CVE(s).

What do I need to do?

Immediately patch Exchange Server with the newly released patches from Microsoft.

Datcom will patch all Fully Managed customers.

If you have any questions please contact your Account Manager.

References

https://blogs.microsoft.com/on-the-issues/2021/03/02/new-nation-state-cyberattacks/

CVE-2021-26412

CVE-2021-26854

CVE-2021-26855

CVE-2021-26857

CVE-2021-26858

CVE-2021-27065

CVE-2021-27078

Get in touch

Call us on 0333 000 3210 or Email us solutions@datcom.co.uk

Latest news...

Microsoft 365 Outage on 25 Jan 2023

Notice for Microsoft 365 Outage 25 Jan 2023

Why Managed IT Services are good for your business

The East Midlands is packed with amazing and successful businesses – all of which are different and unique in the way they conduct themselves and achieve their goals. One thing that many of these businesses do have in common is that they choose to use Managed IT Services.

Charity of the Year: Lymphoma Action

This year, Datcom have chosen to raise money for Lymphoma Action and help support people affected by this cancer. The Datcom team have been busy thinking up fresh ideas and this year we’re going big!