Published March 10, 2021

Awareness of Exchange Server Vulnerability for On-Premises servers

Reference ID: MC244043

MC244043 – We are sending this notification to raise awareness for customers who may be running Exchange servers in either hybrid or on-premises environments. If you are not in either of those scenarios, you may safely ignore this message.

Please note that the online services included in your Microsoft 365 or Office 365 subscription are not impacted by the announced vulnerabilities.

How this will affect your organization:

If you are running Exchange servers in hybrid or on-premises, we recommend you take immediate action to address the potential vulnerabilities that are affecting Exchange Server 2013, 2016 and 2019.

What you need to do:

Steps to get your Exchange Servers up to date are detailed on our Microsoft Security Response Center (MSRC) blog. We also recommend that your security/IT team or support partner evaluate whether the vulnerabilities were exploited in your environment by using the techniques published on the MSRC blog.

Additional Information:

You can find more information about these attacks in these articles:

If you have issues during the update process, please see: Repair failed installations of Exchange Cumulative and Security updates.

Petri Newsletters

Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.

Latest Posts on

Latest Podcast