UK: +44 (0) 20 3922 1222 / AUSTRALIA: +61 (0) 2 9053 9703
Select Page

Widely reported in the mainstream news, due to the severity of this attack, Microsoft reported on the 2nd March 2021 that vulnerabilities in Exchange Server mail and calendar software were being widely exploited by hackers. Thousands of businesses have been affected… Should you be worried?  

  • Yes, if you are using a privately hosted Exchange 
  • No, if you are using Office 365 Exchange Online 

 With the prevalence of Microsoft Exchange Server within businesses, globally, this is pretty big news. As you can understand, it has a lot of them, including our customers, quite concerned. 

 Firstly, and very importantly for ISAAC customers, the hackers were targeting Microsoft Exchange Server, and not the cloudbased Office 365 platform. Microsoft have now released patches to cover the exploited holes in MS Exchange Servers 2010, 2013, 2016 and 2019. Due to the severity of the attack, Microsoft released the patches on the first Tuesday of the month, ahead of the traditional Patch-Tuesday, which is typically the 2nd Tuesday of the month, but these will need to be applied by your IT team. The inclusion of patches for Exchange Server 2010, which is not officially supported anymore, shows that these holes have been around for quite some time. 

 Will the patches kick out the hackers if we have been compromised?  

  • The answer from Microsoft is No. 

 We us Office 365 (and Exchange Online), so no need to worry? 

  • We always recommend Microsoft Exchange Online, over Exchange Server, due to it’s reliability and security; provided you have appropriate security protocols in place, such as Multi Factor Authentication 
  • Even with appropriate multi-layered security in place, we would also always advise caution in what you open and click in your mailbox. The threat of malicious links in phishing emails is prevalent – read our blog post on how to deal with them. 

Ultimately, cyber security is a big deal and being sure you are taking all the precautions you can is important.  

Give us a shout if you would like a security review of your Office 365 environment. 

Related Content