Microsoft has issued emergency patches for four (4) 0-day vulnerabilities exposed in the on-premises Microsoft Exchange Server product.
This comes on the heels of Microsoft announcing a discovery of an attack by a hacker group purportedly sponsored by a foreign government.
The attack seems to be limited at this time, but as other hacker groups learn of these vulnerabilities, they will likely attempt to exploit the opportunity.
Microsoft is urging all Exchange Server customers to deploy the security patches as soon as possible.
Affected platforms include Microsoft Exchange Server 2013, 2016, and 2019
Further information and links to the security patches is available at the Microsoft Security Response Center article:
How Avaleris can help you
As your go-to security partner, Avaleris is focused on Microsoft 365 for everything related to Identity, Cybersecurity and Mobility.
We have assisted many organizations with external access initiatives using either or both Azure AD and Azure AD B2C technologies, from strategy and architecture through to production deployment.
With our team of highly qualified consultants, Avaleris is available to help you identify or realize your security priorities and projects.
No two architectures are the same—and our architects and consultants are always happy to take on new challenges.
Got questions about Azure AD B2C? Want to chat about an upcoming project? Our Avaleris team would be delighted to sit down and discuss your priorities. Contact us today to set up a call to get you started!
Practice Lead, Consumer Identity
Avaleris focuses exclusively on hybrid identity, enterprise mobility, and cloud security, enabling businesses to improve their agility and security while enabling employee productivity and collaboration.