Security 10809 Published by

Microsoft published mitigations for the current Microsoft Exchange Server vulnerabilities on their Microsoft Security Response Center blog.





Microsoft Exchange Server Vulnerabilities Mitigations – March 2021

Microsoft previously blogged our strong recommendation that customers upgrade their on-premises Exchange environments to the latest supported version. For customers that are not able to quickly apply updates, we are providing the following alternative mitigation techniques to help Microsoft Exchange customers who need more time to patch their deployments and are willing to make risk and service function trade-offs.

These mitigations are not a remediation if your Exchange servers have already been compromised, nor are they full protection against attack. We strongly recommend investigating your Exchange deployments using the hunting recommendations here to ensure that they have not been compromised. We recommend initiating an investigation in parallel with or after applying one of the following mitigation strategies. This blog also contains a nmap script to help you discover vulnerable servers within your own infrastructure.
Gnome_shell_screenshot_tid0z0

Microsoft Exchange Server Vulnerabilities Mitigations – March 2021 – Microsoft Security Response Center