Blog / Time to Catch Up on Exchange Patches
Microsoft has announced they’re going to start enforcing policies about Exchange patches.
It seems like Microsoft Exchange has been the focus of hacker attackers for a long time now, though considering how common it is and that focusing on common software maximizes hackers’ potential for “positive” results, it’s not exactly surprising. It’s the same reason catalytic convert thefts suddenly become so popular. Thieves discovered they were east to steal and there are a lot of them out there.
Exchange has gotten a lot of attention in the past due to a couple of recent major vulnerabilities, ProxyLogon and ProxyNotLogon, that were widely exploited by attackers. Basically these vulnerabilities allow a remote attack to connect to your Exchange server and make it do, well, whatever the attackers want, and without needing login credentials.
A good news/bad news situation
The good news is Microsoft released a patch for these very quickly. The bad news is that there are a lot of servers that still haven’t been patched. We know this because we don’t need to rely on self-reporting or even Microsoft’s own systems because of a little thing called Shodan. If you’re unaware, Shodan is a search engine that scours the internet just like Google, except it doesn’t look for just websites. In fact you can use Shodan to learn the version of Exchange and the installed patches on a server from the outside, so it’s easy to which servers haven’t been patched (and there’s almost 5000 of them).
Now Microsoft appears to be taking the threat even more seriously and has a simple way to potentially deal with this issue. If you don’t patch your exchange server, they’re going to start throttling, then disable, your outbound email. If you don’t keep your Exchange servers up to date and you run your email through Office 365 you can expect to start having issues if you don’t promptly update once this policy becomes active.
The old saying “if it ain’t broke don’t fix it” really only applies to the physical world. When it comes to software, things are never that simple. Even when software is doing everything it’s supposed to, there are potentially serious vulnerabilities you may never see. Just because software doesn’t seem to be broken doesn’t mean it shouldn’t be fixed.
This Shakespeare’s quote comes from Two men from Verona:“Home-keeping youth have ever homely wits.”
If you’d like to learn more about Exchange and how TRINUS’s cybersecurity services help keep your servers safe, contact us today and get yourself some stress-free IT.
Be kind, courtesy your friendly neighbourhood cyber-man.