EDCi would like to share some critical manufacturer patching notifications with you. In early March Microsoft announced the “HAFNIUM targeting Exchange Servers with 0-day exploits”. Here is the recent announcement from CISA.gov on threat actors actively searching out these vulnerabilities.
According to the Microsoft HAFNIUM article: “HAFNIUM operates primarily from leased virtual private servers (VPS) in the United States.” So you can’t rely on standard geo-blocking policies to prevent the activity.
Many organizations actively patch the Microsoft Windows OS for Critical and Security patches, but often overlook Exchange Cumulative Updates (CU) and security patches. At this time EDCi is recommending that you set up time with one of our engineers so we can review your environment and plan or perform the upgrade as well as help test the functionality.
We are seeing the process take 4 to 6 hours per Exchange server depending on how out-of-date they are on Windows Patches and Exchange Cumulative Updates. Please contact EDCi today if you’d like to set up time to have your environment evaluated.