The National Cyber Security Centre (NCSC) – the UK Government’s national, technical authority for cybersecurity and a part of GCHQ – has urgently called for organisations to install the latest Microsoft Exchange Server updates.
The announcement follows confirmation from Microsoft that they suffered large-scale exploitation of unpatched vulnerabilities in early March. Microsoft have said that sophisticated actors attacked Exchange servers and that, in response, the company has released multiple security updates for the affected servers. Exchange Online is not affected.
The NCSC have confirmed that the affected versions are:
The recommended priority actions (as of March 12 2021) to take in response to the hack can be accessed by visiting: https://www.ncsc.gov.uk/news/advice-following-microsoft-vulnerabilities-exploitation
NCSC Director for Operations, Paul Chichester, said: “We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organisations take immediate steps to protect their networks.
“Whilst this work is ongoing, the most important action is to install the latest Microsoft updates. Organisations should also be alive to the threat of ransomware and familiarise themselves with our guidance. Any incidents affecting UK organisations should be reported to the NCSC.”
All organisations are advised to proactively search systems for evidence of compromise, in line with Microsoft’s public advice.