We’ve seen a wave of cyberattacks and data breaches that swept across the globe with multiple zero-day exploits discovered in Exchange Online and On-premises. Microsoft is urging admins to protect their Exchange Servers by keeping Exchange servers updated with the latest CUs and SUs. “Attackers looking to exploit unpatched Exchange servers are not going to go away.”
We’ve been looking at this activity and our team has created one of our biggest security updates to Messageware EPG! We are excited to announce that we are partnering with Spamhaus, global leaders in IP reputation data, to integrate their real-time threat intelligence database with EPGs enhanced IP Filtering and Blocking.
This integrated solution provides blocking of devices and IP addresses that are:
- infected with malware and viruses
- hijacked or compromised by 3rd party exploits
- maliciously attempting to penetrate your server
- known botnets
- hijacked or leased by cybercrime
Here’s a very interesting support case that we had over the holidays that we’d like to share:
A C-Level executive called their IT Support team as they were not able to connect to email. After reviewing the EPG data, it was determined that the executive’s internet IP had been placed on a malware block list and the connection was being rejected! Over the holidays malware on a personal device had been accidentally downloaded and went undetected within the home network. A few malware scans later and ISP updates and they were both safe & fully operational again.
The executive was extremely grateful and completely on-board with the approach that networks with malware be blocked, regardless of the device, from connecting to the corporate network. Do you think the VIPs in your organization would agree?
Reach out to Messageware
If you are not protecting all the protocols used by your Exchange Server, you’re putting your company at a higher risk of a data breach. Security incidents happen frequently. They cause disruption, loss of data and risk the reputation of your company.
Wishing you all the best,
Wishing you the very best,
Mark Rotman
President and CEO
Messageware Incorporated
Critical Microsoft Patches
Once again attackers show us that security is an ongoing, unending process that must be managed regardless of whether you are in the Cloud or On-prem!
Released: February 2023 Exchange Server Security Updates
There are multiple remote code execution Exchange bugs addressed this month. The vulnerabilities allow a remote attacker to execute arbitrary code on a vulnerable server, via a network call.
This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):
- CVE-2023-21529 – Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2023-21706 – Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2023-21707 – Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2023-21710 – Microsoft Exchange Server Remote Code Execution Vulnerability
February 2023 Exchange Server Security Updates (SU)
Microsoft has released security updates for these vulnerabilities. Updates available here:
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-november-2022-exchange-server-security-updates/ba-p/3669045
Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: February 14, 2023 (KB5023038)
Download: Security Update For Exchange Server 2019 CU12 SU6 (KB5023038)
Download: Security Update For Exchange Server 2016 CU23 SU6 (KB5023038)
Download: Security Update For Exchange Server 2013 CU23 SU20 (KB5023038)