
close
close
Upcoming FREE Conference on Identity Management and Privileged Access Management
Microsoft has recommended customers to deploy the latest January 2023 security updates on on-premises Exchange servers. The company urges IT admins to keep their Exchange servers patched to protect their organization from cyberattacks and security threats.
In a Techcommunity blog post, Microsoft raised an alarm that malicious actors are increasingly leveraging vulnerabilities to compromise unpatched Exchange servers in on-premises environments. It enables attackers to take complete control over unpatched Exchange instances and steal sensitive information. Moreover, they could access the address book to launch social engineering attacks.
“To defend your Exchange servers against attacks that exploit known vulnerabilities, you must install the latest supported CU (as of this writing, CU12 for Exchange Server 2019, CU23 for Exchange Server 2016, and CU23 for Exchange Server 2013) and the latest SU (as of this writing, the January 2023 SU). Exchange Server CUs and SUs are cumulative, so you only need to install the latest available one. You install the latest CU, then see if any SUs were released after the CU was released. If so, install the most recent (latest) SU,” the Exchange team explained.
Microsoft has detailed several steps that should be performed after installing an update on on-premises Exchange servers. First of all, IT admins are advised to run the Exchange Server Health Checker tool to find potential configuration issues that could impact the performance. It identifies unpatched Exchange servers and provides instructions about manual actions that need to be performed for updating the environment.
Additionally, Microsoft notes that administrators can use the SetupAssist script to fix any problems that might occur during the installation process. The Exchange team also published a troubleshooting guide to help IT admins address common problems that could occur during the installation of Exchange server cumulative and security updates.
Microsoft advises customers to deploy the latest updates for Windows Server and other dependent servers, including DNS and Active Directory. Moreover, the company has asked IT admins to provide feedback about improving the Exchange Server update experience in enterprise environments.
More in Exchange Server
Microsoft to Block Unsupported Exchange Servers from Sending Emails to Exchange Online
Mar 24, 2023 | Rabia Noureen
M365 Changelog: (Updated) REST API for On-Premises Mailboxes Preview Ending
Mar 14, 2023 | Petri Staff
Microsoft Advises IT Admins to Remove Some Exchange Server Antivirus Exclusions
Feb 24, 2023 | Rabia Noureen
Microsoft Releases Exchange Server Updates to Improve Security of PowerShell Payloads
Jan 11, 2023 | Rabia Noureen
Most popular on petri