Security News > 2021 > March > Microsoft releases ProxyLogon updates for unsupported Exchange Servers
Microsoft has released security updates for Microsoft Exchange servers running unsupported Cumulative Update versions vulnerable to ProxyLogon attacks.
These additional security updates are meant to be installed only on machines running Exchange Server versions not supported by the original Match 2021 security patches released a week ago, only if the admin can't find an update path to a supported version.
They do not bundle additional product updates or security fixes since they are meant to be quick patches to protect the servers until deploying the latest Exchange updates.
Once you successfully install these additional updates, you should also make sure to bring your Exchange environment to a supported state by installing the latest available updates as soon as possible.
It's also important to mention that if you install any other intermediary cumulative updates after these security updates, your Exchange server will once again be vulnerable to ongoing ProxyLogon attacks.
"Our original announcement Released: March 2021 Exchange Server Security Updates contains information and resources that can help you plan your updates, troubleshoot problems, and help you with mitigations, investigation, and remediation of the vulnerabilities," Microsoft added.
News URL
Related news
- Windows Server August updates fix Microsoft 365 Defender issue (source)
- Microsoft: August updates cause Windows Server boot issues, freezes (source)
- Microsoft: Exchange Online mistakenly tags emails as malware (source)
- Microsoft fixes Windows Server performance issues from August updates (source)
- Microsoft ends development of Windows Server Update Services (WSUS) (source)