Skip to the main content.

1 min read

Microsoft Exchange Email Servers Vulnerabilities

Microsoft Exchange Email Servers Vulnerabilities

Hackers are targeting Microsoft email servers after a series of vulnerabilities were detailed at a computer security conference earlier this month.

We strongly recommend you update to the latest security patches as soon as possible:

  • Exchange 2019 CU10 + KB5004780 = v15.2.922.13
  • Exchange 2019 CU9 + KB5004780 = v15.2.858.15
  • Exchange 2016 CU21 + KB5004779 = v15.1.2308.14
  • Exchange 2016 CU20 + KB5004779 = v15.1.2242.12
  • Exchange 2013 CU23 + KB5004778 = v15.0.1497.23

 How to obtain the latest security patches

Security patches can be downloaded here

 A cumulative update (CU) install plus knowledge base (KB) will require 2 to 3 hours of downtime. A KB update alone should install within one hour.

 Installing Microsoft Exchange server security updates

To install the updates, reboot the Exchange server then run the updates using the option to run as administrator or from a command prompt as administrator.

 A full backup or virtual machine checkpoint should be taken before installing the updates.

 Known issues

Exchange 2019 CU10 and Exchange 2016 CU21 added a new anti-malware scan. We have found this can cause major performance issues when conflicting with third party anti-virus scanners installed on the Exchange server. If this is the case, the Exchange server must be excluded from AMSI scans in the third-party anti-virus application.

The updates may also cause an expired certificate error that prevents login to the Exchange Management Console and Exchange Control Panel. The fix is detailed here. Once the fix has been applied it can take an hour to become active.

For more detailed information on the identified vulnerabilities visit Microsoft.com

Should you require further information or assistance with these updates, please contact us.

Microsoft Exchange Server Vulnerabilities

3 min read

Microsoft Exchange Server Vulnerabilities

Microsoft has made public four vulnerabilities in Microsoft Exchange Server that require urgent attention. The announcement can be read in...

Read More
Microsoft Exchange Server Security: November 2021 Updates

2 min read

Microsoft Exchange Server Security: November 2021 Updates

orEarlier this month Microsoft identified a high severity bug in Exchange Server 2016 and 2019. This bug enabled authenticated attackers to...

Read More
Microsoft changes Office 365solution names

1 min read

Microsoft changes Office 365solution names

The good news is with the name changes there comes no price or feature changes. Subscribers don’t need to do anything to activate or accept the...

Read More