Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Recommends IT Admins to Patch Exchange Servers

Microsoft has recommended customers to deploy the latest January 2023 security updates on on-premises Exchange servers. The company urges IT admins to keep their Exchange servers patched to protect their organization from cyberattacks and security threats.

In a Techcommunity blog post, Microsoft raised an alarm that malicious actors are increasingly leveraging vulnerabilities to compromise unpatched Exchange servers in on-premises environments. It enables attackers to take complete control over unpatched Exchange instances and steal sensitive information. Moreover, they could access the address book to launch social engineering attacks.

“To defend your Exchange servers against attacks that exploit known vulnerabilities, you must install the latest supported CU (as of this writing, CU12 for Exchange Server 2019, CU23 for Exchange Server 2016, and CU23 for Exchange Server 2013) and the latest SU (as of this writing, the January 2023 SU). Exchange Server CUs and SUs are cumulative, so you only need to install the latest available one. You install the latest CU, then see if any SUs were released after the CU was released. If so, install the most recent (latest) SU,” the Exchange team explained.

How to protect Exchange Servers against attacks

Microsoft has detailed several steps that should be performed after installing an update on on-premises Exchange servers. First of all, IT admins are advised to run the Exchange Server Health Checker tool to find potential configuration issues that could impact the performance. It identifies unpatched Exchange servers and provides instructions about manual actions that need to be performed for updating the environment.

Additionally, Microsoft notes that administrators can use the SetupAssist script to fix any problems that might occur during the installation process. The Exchange team also published a troubleshooting guide to help IT admins address common problems that could occur during the installation of Exchange server cumulative and security updates.

Microsoft advises customers to deploy the latest updates for Windows Server and other dependent servers, including DNS and Active Directory. Moreover, the company has asked IT admins to provide feedback about improving the Exchange Server update experience in enterprise environments.