Microsoft says to keep Exchange servers updated — or else

Exchange server vulnerabilities are no joke.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

Microsoft Exchange servers have had a long year. Betweenforeign attacksandcryptocurrency and ransomwareschemes, Exchange can’t catch a break. Hence why Microsoft is pushing out a PSA, reminding people to keep their servers patched and updated.

Following news surrounding the recentLockFile ransomware threatto MS Exchange, Microsoft has released a blog post entitled “ProxyShell vulnerabilities and your Exchange Server.”

It specifically highlights ProxyShell vulnerabilities that may allow for ransomware deployment on unpatched Exchange servers. It mentions that anyone who’s installed the May 2021 or July 2021 security updates should be fine, before outlining who’s at risk.

According to Microsoft, you’re at risk if any of these are accurate for your Exchange server(s):

Microsoft reiterates that keeping servers updated with the latest security patches is essential. If you want to see a prime example of why the company is so serious about this topic, check out the recent report onChina using stolen MS Exchange datafor AI development. And that’s the tip of the iceberg; between ransomware and crypto-threats, data theft is just one of many avenues malicious individuals are utilizing to exploit vulnerable Exchange servers.

Long story short: If you have unpatched Exchange servers, Microsoft advises you to fix that.

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Robert Carnevale is the News Editor for Windows Central. He’s a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author ofCold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.