March 3, 2021

Microsoft Exchange On-Prem ZERO Day Threat

Microsoft Exchange On-Prem ZERO Day Threat Technology Consulting

Microsoft has released patches for multiple on-premises Microsoft Exchange Server zero-day vulnerabilities that are being exploited by a nation-state affiliated group. The vulnerabilities exist in on-premises Exchange Servers 2010, 2013, 2016, and 2019.

Marcum would like to ensure you are aware of the situation and ask that you help drive immediate remediation steps. Direct your teams to start immediate action to assess your on-premises Exchange Server infrastructure and patch vulnerable servers, with the first priority being servers that are accessible from the Internet (e.g., servers publishing Outlook on the web/OWA and ECP).

To patch these vulnerabilities, move to the latest Exchange Cumulative Updates and then install the relevant security updates on each Exchange Server. You can use the Exchange Server Health Checker script, which can be downloaded from GitHub (use the latest release). Running this script will tell you if you are behind on your on-premises Exchange Server updates (note: the script does not support Exchange Server 2010).

We also recommend that your security team assess whether or not the vulnerabilities were being exploited by using the Indicators of Compromise.

We are committed to working with you through this issue. Your Marcum Microsoft account and support teams have been fully mobilized. Please reach out to anyone on your account team if you need help.

Information to assist you and your teams:

If you have questions or need assistance, please contact us today at

Related Services

Technology Consulting, Infrastructure Solutions & Services, Managed Endpoint Detection, Managed IT Services, Cloud Services, Small Business Solutions, Wireless & Mobility Solutions, Infrastructure Design & Engineering, Data Storage, Software-Defined Networking, IT Staff Augmentation, Telecom Optimization, Virtualization, Managed Cybersecurity Services, Cybersecurity & Digital Forensics, CyberINSPECT, Incident Response Services, Cybersecurity Services, Digital Investigations & Litigation Support, Digital Advisory Services, Blockchain, ERP Automation, Sales & Use Tax Automation, Financial Solutions, Data Analytics, Intelligent Automation, Strategic IT Consulting, CIO/CTO as a Service, Digital Transformation, Enterprise System Selection, IT Due Diligence, IT Restructuring, Post Deal IT Value Creation, Strategic IT Assessments, Strategic IT Road Mapping, Advisory

Related Industry