If you haven't heard, Microsoft reported a major hack of its Exchange Server product family
a few weeks ago.
The hack exploited four vulnerabilities in the Exchange Server software. Chinese hackers began exploiting these to gain access to the servers, steal email communications, and deploy malware.
They first targeted Exchange Servers accessible from the Internet (e.g., servers publishing Outlook on the Web/OWA and ECP). However, they didn't stop there.
Suffice it to say, this one's bad. It hasn't swept through all Exchange Servers, but estimates are at least 30,000 organizations in the U.S. have been hit, and hundreds of thousands worldwide.
On March 2, Microsoft released patches to fix these vulnerabilities. If your company uses an Exchange Server, you need to install the patch ASAP. (All of PlanetMagpie’s customers have been taken care of.)
This page has the patches for Exchange Server 2010 through 2019:
March 2021 Exchange Server Security Updates – Microsoft Exchange Team Blog
If you use Exchange Online through Office 365, those servers have been patched already. You're okay.
IMPORTANT NOTE: Microsoft did say that the patch will not "close the backdoor" if someone's already hacked your Exchange Server. To detect this, you must run a special tool, and modify the server to kick them out.
If you're concerned about your Exchange Server, or need help patching, please contact us right away.
Do you have an "everyday IT" question you want answered? Send it in to firstname.lastname@example.org and it may show up in Magpie's next Tech Tip.