[Completed] Emergency Out-of-band Security Patching for fully managed Exchange mail servers, March 2nd, 2021
Posted by David Cunningham on 02 March 2021 09:48 PM
Completed, Tue 02 Mar 2021 08:50:03 PM MST: All Exchange hosts we manage are now updated, with ours having been updated within 20m of the maintenance window. No issues with the patches have been detected.
We strongly recommend all self-managed clients running their own Exchange servers update before EOD.
I will add that in-band updates (on Patch Tuesday) will still be carried out on hosts that require them, next week.
Purpose of Work:
Microsoft has announced that it has detected multiple Exchange servers in the wild that were compromised by one specific APT group, using several 0-day exploits that were patched out of band today: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
They have advised applying the patches ASAP, and we'll be handling this for fully managed Exchange servers.
Impact of Work:
All fully managed Exchange hosts will be rebooted automatically / ASAP to propagate fixes, starting from 6pm MST onwards.
There are not many of these hosts, but they include our own mail server. Post-patch, all hosts will be audited for signs of the compromise signatures Microsoft has disclosed, and fully managed clients will be notified with the results.
Internal mail of affected systems may be temporarily impacted in the time it takes to reboot them, including our own.
Submitting a ticket directly via the portal will still work, as will phone calls, during the work window.
Please contact us with any questions / comments / concerns.