You may have heard the news that Microsoft issued a statement warning that they’ve identified an on-premises Microsoft Exchange vulnerability. Wondering if you need to be worried? Read on → 

If you are still hosting your email on an on-premises Microsoft Exchange server, it is extremely important to check and see if you have been breached. A vulnerability was discovered that allows hackers to access the server without a password and gain access to email accounts, passwords, and other sensitive information. Microsoft has released a patch that needs to be applied to affected servers ASAP. This is still a developing situation, and we are still working hard to understand the complexities of it.

In a statement on their website, Microsoft stated, “We are sharing this information with our customers and the security community to emphasize the critical nature of these vulnerabilities and the importance of patching all affected systems immediately to protect against these exploits and prevent future abuse across the ecosystem.”

microsoft exchange vulnerability

FAQ about the Microsoft Exchange Vulnerability:

How do I know if I’ve been breached? 

  • Get in touch with a security expert
  • Even if you’ve already deployed the patch, get checked. The hacker might have left additional vulnerabilities behind

What is at risk? 

  • Stolen data and passwords
  • Ransomware left behind that will run later
  • Ways to access the server later on 

What to do if I’ve been breached?

  • A patch needs to be deployed ASAP
  • Make a plan to switch to Microsoft 365 

cloud strategy

Our biggest recommendation whether you’ve been breached or not is to consider making the switch to Microsoft 365 Business Premium and work towards leveraging more of Microsoft’s cloud for your IT Operations. We recently hosted a webinar covering many of the reasons why, but it couldn’t be more clear than this vulnerability. On-premises servers are more vulnerable than the cloud. If you do continue to host some applications on-prem, make sure to be deploying patches and checking for updates regularly. 

If you have any questions or are ready to take your business to the cloud with Microsoft 365, get in touch today!