A critical security flaw has been discovered

If you use Exchange Server to handle your company's email, then you're probably already aware that a critical security flaw has been discovered that puts the server at risk.

The issue is being tracked as CVE-2021-42321 and impacts both Exchange Server 2016 and 2019.

Even worse is that Microsoft reports that this issue has been found being exploited in the wild. It is important to note that the security flaw only impacts "on-premises" Exchange Servers including those in Exchange Hybrid mode. So, if you use Exchange Online you are not at risk.


It has been a tough year for Microsoft Exchange Server

Beginning in March 2021 the company faced a massive wave of attacks that were apparently launched by a number of state-backed threat actors. This first wave relied on ProxyLogon exploits and where they were successful, they deployed crypto-miners, ransomware, web shells, and other malware strains. They infected as many targets as they could reach.

A bit later in July a new wave of attacks began targeting the US, EU, and the UK. The blame for these attacks was laid at the feet of China. These attacks relied heavily on Windows PetitPotam exploits and sought to deploy LockFile ransomware on infected systems.

Exchange Server Admins have been feeling the heat this year. The good news is that the wave attacks mentioned above seem to have abated and there's a fix available for the most recently discovered issue.


My perspective

If you run an Exchange Server either on-site or in Hybrid Mode save yourself some time and headaches by downloading and installing the latest patch as soon as possible. There's no need to make more work for yourself than is necessary and you certainly want to do all you can to minimize your risk.


As Walter Cronkhite would say: "That's the way it is"


By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter

I am also a published author and speaker on cloud computing, work@home, and cybersecurity. I work extensively with business and professional associations to provide free small business technology education programs.


Contact me if you would like me to speak to your association