Awareness of Exchange Server Vulnerability for On-Premises servers

We are sending this notification to raise awareness for customers who may be running Exchange servers in either hybrid or on-premises environments. If you are not in either of those scenarios, you may safely ignore this message.

Please note that the online services included in your Microsoft 365 or Office 365 subscription are not impacted by the announced vulnerabilities.

How this will affect your organization:

If you are running Exchange servers in hybrid or on-premises, we recommend you take immediate action to address the potential vulnerabilities that are affecting Exchange Server 2013, 2016 and 2019.

What you need to do:

Steps to get your Exchange Servers up to date are detailed on our Microsoft Security Response Center (MSRC) blog. We also recommend that your security/IT team or support partner evaluate whether the vulnerabilities were exploited in your environment by using the techniques published on the MSRC blog.

Additional Information:

You can find more information about these attacks in these articles:

If you have issues during the update process, please see: Repair failed installations of Exchange Cumulative and Security updates.

Message ID: MC244043


No comments yet

Leave a Reply


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: