Dynamic Business Logo
Home Button
Bookmark Button

Image credit: Tadas Sar

Businesses urged to update Microsoft Exchange in response to security threats

The Australian Government is urging businesses to heed the advice of the Australian Cyber Security Centre (ACSC) and update their Microsoft Exchange software in order to protect against newly identified vulnerabilities.

Assistant Minister for Defence Andrew Hastie said it is “critically important” for Australian businesses and organisations to install Microsoft’s April patches due to ongoing cyber attacks by adversaries on the company’s email software systems.

“The ACSC has identified extensive targeting and compromises of Australian organisations with vulnerable Microsoft Exchange deployments,” Mr Hastie said.

“People should visit the new alert, available at cyber.gov.au, to identify the steps outlined by the ACSC and access the Microsoft guidance.”

On 13 April 2021, Microsoft released security updates to mitigate significant newly discovered remote code execution vulnerabilities that affect Microsoft Exchange Server 2013, 2016 and 2019. The latest vulnerabilities to be identified are CVE-2021-28480 and CVE-2021-28481.

The ACSC has since warned against relying on the March patches, saying they fail to guard against new vulnerabilities and that the new patches are needed to prevent further unauthorised access to email accounts and sensitive information.

Related: Over 500 million Facebook users have had their data leaked online; here’s how to check if your number was compromised

“Organisations should apply new patches as soon as possible and also undertake detection steps outlined in Microsoft guidance,” the ACSC said.

“If organisations are unable to resource immediate investigation of potential compromise of their Microsoft Exchange server, Microsoft has published a mitigation tool which organisations can use as a first step to protecting servers. The ACSC also recommends that organisations implement web shell mitigation steps.”

Although Microsoft has said it is “not aware of any active exploits” in a recent blog post, the company recently identified multiple exploits by malicious actors – namely overseas adversary group HAFNIUM – to breach parts of the Microsoft Exchange Server exposed to the Internet.

For more information on these vulnerabilities and the action you should take to secure your systems, visit cyber.gov.au.

Keep up to date with our stories on LinkedInTwitterFacebook and Instagram

What do you think?

    Be the first to comment

Add a new comment

Dahlia Jovic

Dahlia Jovic

Dahlia is a Junior Editor and Journalist at Dynamic Business. She is an Honours student in Media and Communications at the University of Sydney with a specialisation in Digital Cultures. Her areas of interest include business, technology, entertainment and videography.

View all posts