Blogs about Atlas, Microsoft 365, Teams

Install security updates for on-premises Microsoft Exchange Server

Written by Patrick Proesmans | Apr 14, 2021 2:38:58 PM

ACTION REQUIRED : Install security updates for on-premises Microsoft Exchange Server.

As mentioned a few weeks ago Microsoft flagged some vulnerabilities detected impacting on-premises Exchange servers

On April 13, 2021, Microsoft released a set of security updates to address a set of vulnerabilities discovered in Exchange Server 2013, 2016 and 2019. Microsoft is not aware of any active attacks or exploits related to these vulnerabilities, which were identified responsibly by a partner.

To protect against potential attacks, it is essential to bring your Exchange Server environment current and apply these security updates. Exchange Online customers are already protected and do not need to take any action. Below are actions to take to do this:

  1. Read the MSRC blog April 2021 Security Updates Now Available to learn more.
  2. Follow these steps to getting your Exchange Servers up-to-date:
    • Take inventory of your current Exchange Server update level. You can use the Exchange Server Health Checker script, which can be downloaded from GitHub (use the latest release). Running this script will tell you if any of your Exchange Servers are behind on updates (CU and SU). (The script supports Exchange Server 2013 and beyond.)
    • Install the latest Exchange Cumulative Updates for your version of Exchange on each server that needs to be made current.
    • Install the relevant security updates on each server.
    • If you have issues during the update process, please see our update troubleshooting documentation or contact Support.
  3. Read the Exchange blog Released: April 2021 Exchange Server Security Updates for detailed instructions on installing these updates.

To help protect companies from evolving security threats and malicious activity, Microsoft is continuing to harden Exchange Server against attacks. Customers should apply the security updates included in upcoming monthly update cycles for maximum protection.

If you have questions, please do not hesitate to contact us.

Thank you.
View full post