Microsoft recently announced the discovery of a critical vulnerability in its Exchange Server products: attackers of any sophistication level can easily exploit these flaws. Microsoft has urged companies that use on-premise Exchange servers or have servers with “OWA” websites available to the internet for any reason to apply these fixes as soon as possible, as well as review their networks for any indicators of compromise (IOCs).
Owing to variations in how email is hosted, this exploit does not exist for organizations that have moved to Microsoft 365. Since the majority of our clients use Microsoft 365, only a handful of Sentryon IT's clients have been affected by this vulnerability.
Sentryon IT Solutions acted quickly to evaluate the danger to our clients and begin the patching phase as soon as Microsoft announced the vulnerability and published the patches. However, since the vulnerability existed before Microsoft's announcement, affected organizations could still be vulnerable: applying the patch would not delete any malware or footholds that attackers have already installed. Our clients who have been exposed to danger for some length of time have already been briefed and advised about their level of risk.
We don't just focus on a single point of weakness – such as blocking access to our clients' networks – because Sentryon believes in a defense-in-depth philosophy. We also search the networks on a regular basis, looking for suspicious behaviour and putting in place protections to avoid and detect inappropriate activities. Simply put, IT protection isn't just about keeping threats out; it's also about capturing whatever does slip in.
Sentryon and its cybersecurity partners will keep a close eye on the situation as it unfolds, and will be ready to respond if new knowledge becomes available. And, if the threat environment for any of our clients changes, we will make every effort to keep them updated and protected.