Microsoft Exchange Server on-prem: Guidance and resources

Friday 19th March 2021

Microsoft have continued to simplify their approach to Microsoft Exchange Server on-prem. See the latest resources below: 

1. If you have not yet applied the security updates to your on-premises Exchange Servers, we urge to take immediate action: 

-You can leverage the Microsoft Exchange On-Premises Mitigation Tool, released by Microsoft on GitHub. This tool is a free one-click tool to temporarily protect servers you haven't been able to patch yet. Find further instructions on Microsoft's MSRC blog. It will also download and run the latest version of Microsoft Safety Scanner to determine if any exploitation has occured already. 

-You should apply the relevant security patches as soon as possible. You wont be fully protected until you apply the latest security updates. 

-Microsoft have made Microsoft Defender for Endpoint available to you for 90-days*. Which will block all known associated Exchange vulnerabilities, as well as providing continuous detection and hunting capabilities. As a next step please follow these steps to set up Microsoft Defender for Endpoint and onboarding your Exchange Server. 

2. If you've already patched your Exchange Servers

- You're protected for any future exploitation once patched. To determine if any exploitation occured prior to patching, download and run the Microsoft Safety Scanner on all on-prem Exchange Servers. 

-For continuous monitoring Microsoft Defender for Endpoint is available to you for 90-days*. Which will block all known associated Exchange vulnerabilities, as well as providing continuous detection and hunting capabilities. As a next step please follow these steps to set up Microsoft Defender for Endpoint and onboarding your Exchange Server. 

---

Want to keep informed? Sign up to our Newsletter