New Microsoft Exchange Patches For SMBs | Avast

New Microsoft Exchange Patches For SMBs | Avast
Christopher Budd, 14 April 2021

Even if you needed to apply patches last month, you’ll need to do so again this month



Last month, we told you about a series of critical vulnerabilities in Microsoft Exchange that were under attack. We urged small and medium businesses (SMBs) to take immediate action to patch, as well as determine if Exchange systems might have been compromised.
This month, Microsoft has released a new series of patches for a new, different set of critical vulnerabilities affecting Exchange.
The bad news is that if you needed to apply patches last month, you’ll need to do so again this month.
The good news, right now at least, is that these vulnerabilities are not under attack. However, Microsoft says clearly in their security advisory
We have not seen the vulnerabilities used in attacks against our customers. However, given recent adversary focus on Exchange, we recommend customers install the updates as soon as possible to ensure they remain protected from these and other threats.
In other words, while these aren’t currently under attack, there are currently ongoing attacks against Exchange and there’s a very good chance that attackers will move quickly to incorporate these new vulnerabilities into their attacks. That means even Exchange servers that are patched against last month’s vulnerabilities could be at risk of compromise.
If you’re running Exchange, apply these latest patches as soon as possible. The sooner you apply these patches, the better your chances of getting your systems protected before attack ..