Microsoft announced the next – or last? version– of Microsoft Exchange Server. Customers and partners greeted the announcement with little cheer, as reflected in the comments section of the announcement blog. After two years of silence, the shared news was received as anticlimactic, with a fair amount of fine print attached.
The March 2024 security update for Exchange 2019 was released to address several critical vulnerabilities that pose significant risks to system integrity and security. As Exchange 2019 remains a crucial component in many organizations' IT infrastructure, the timely application of security patches is essential. This update aims to mitigate potential threats that could be exploited by malicious adversaries, thereby safeguarding sensitive data, and ensuring the smooth operation of email services.
Securing Exchange as part of a larger security framework
Patching Exchange servers. Three words a lot of us wish would just go away forever. Well, the good news is, in some capacity patching old Microsoft Exchange servers will become a thing of the past. We’ve heard about this tirelessly for years in the tech community, from Microsoft themselves to Microsoft MVP’s and thought leaders, but it’s not just ‘talk’ anymore – it’s rapidly turning into reality.
On February 14, 2023, Microsoft released new security updates rated ‘Important’ for:
On January 10, 2023, Microsoft released new Security Updates for Exchange 2013 CU23, Exchange 2016 CU23 and Exchange 2019 CU11 and CU12.
Recently, Microsoft published a small update on Servicing Exchange. Being a Microsoft Office 365 Apps and Services MVP and Exchange consultant, I pretty much know what’s going on and coming up, but I didn’t see this one coming.
This week Microsoft released new security updates for the following Exchange versions:
On October 11, 2022, Microsoft unexpectedly released new Security Updates (SUs) for Exchange 2013 CU23, Exchange 2016 (CU22 and CU23) and Exchange 2019 (CU11 and CU12).
Early August 2022, the Vietnamese organization GTSC Cyber Security noticed anomalies in their SOC and they discovered their Exchange servers were under attack. They quickly determined the attack utilized an unpublished Exchange security vulnerability. Due to earlier Exchange attacks GTSC quickly uncovered the vulnerability and Microsoft was informed about the vulnerability at this time.