In early March 2020, Microsoft announced that it had discovered several vulnerabilities in Exchange that could enable hackers to infiltrate and compromise systems that use the email server. Following the announcement, Microsoft released a series of software patches to protect systems using Exchange from falling prey to malicious actors. However, some Canadian companies still haven’t applied those patches.
This is why the Canadian Centre for Cyber Security (CCCS) has once again urged all businesses to apply the critical Microsoft Exchange patches to avoid consequences such as data exfiltration.
Why is it important to install patches as soon as they come out?
According to Microsoft, a new family of ransomware called “DearCry” has exploited one of the four zero-day flaws in unpatched on-premises Exchange Servers. The term “zero-day” can refer to vulnerabilities that are unknown to the parties responsible for patching software flaws. It can also refer to the time it takes between the discovery of a vulnerability and the first attack leveraging that vulnerability (zero day).
The only way to stop zero-day attacks is to install patches that contain codes to remedy software vulnerabilities. Until a patch is installed, hackers can continue exploiting software weaknesses, which gives them higher chances of carrying out a successful data breach.
Note that the recent series of Microsoft Exchange patches contain fixes for the March 2021 Common Vulnerabilities and Exposures (CVE), including protection from DearCry.
Should all businesses install the Microsoft Exchange patches?
The CCCS stresses that every business regardless of size should install the Microsoft Exchange patches; CCCS director Scott Jones warns that no unpatched system is off-limits to attackers.
The CCCS stresses that every business regardless of size should install the Microsoft Exchange patches.
Small- and medium-sized businesses (SMBs) may think that they are not attractive enough to be targeted because they store relatively less data compared to big corporations. But that way of thinking is misguided: according to the Verizon Business 2020 Data Breach Investigations Report, almost a third of data breaches were actually directed at SMBs.
Cybercriminals often target SMBs to gain access to a larger company with whom they do business, such as in a supply chain attack. This is because smaller businesses rarely have the resources to implement enterprise-grade cybersecurity solutions, which makes infiltrating their systems a walk in the park for hackers.
How to install critical Exchange patches
To close off the reported vulnerabilities, Microsoft has released security updates for Exchange Server 2013, 2016, and 2019. Before installing these patches, remember to disable antivirus products and use an account with administrator permissions to avoid problems with either Outlook on the web (OWA) or Exchange Control Panel (ECP).
A more comprehensive guide to the patching process is available on the Exchange team blog, which answers frequently asked questions such as, “How can I tell if my servers have already been compromised?” and “Which server should I prioritize?”.
This presentation from Microsoft EMEA support further breaks down the recommended actions for particular Exchange Server versions and details some of the Cumulative Update (CU) best practices. What’s more, this series of YouTube videos by Microsoft aims to guide IT professionals through the patch installation process.
Did you know? The term “zero-day” can refer to vulnerabilities that are unknown to the parties responsible for patching software flaws. It can also refer to the time it takes between the discovery of a vulnerability and the first attack leveraging that vulnerability (zero day).
Protect your systems with XBASE Technologies
For some SMBs that don’t have the adequate IT resources to install critical Exchange updates, keeping their systems impervious to attacks can be a problem. Remember that the longer that business systems stay unpatched, the higher the chances that they'll be successfully hacked.
If you need a hand in keeping up to date with software patches, partner with XBASE Technologies. We are a business technology specialist offering a wide range of Exponentially Better™ services that will help mitigate risks, ensure compliance, and protect IT assets. From proactively managing your networks to making sure your systems are always up to date, we’ll provide your organization with cutting-edge IT that will take your business to the next level. The best part? You’ll only pay a flat monthly service fee, so you can enjoy unlimited corporate-grade tech services with no hidden charges.
Installing the latest patches is just one way to keep your data secure from malware. Better understand, prevent, and budget for online attacks by reading our eBook, “The ABCs of Malware”. Download your FREE copy now.