Microsoft to block emails from “Persistently Vulnerable Exchange Servers”

Share post:

Microsoft has announced a new security feature for Exchange Online that will gradually throttle and eventually block emails sent from “persistently vulnerable Exchange servers.”

The new “transport-based enforcement system” will be implemented for Exchange Server 2007 using OnPremises connectors to send mail, before expanding to other Exchange versions.

These servers are typically those that run end-of-life software or have not been patched against known security bugs. The primary goal of the system is to help Exchange admins identify unpatched or unsupported on-prem Exchange servers and upgrade or patch them before they become security risks. The enforcement system has three distinct functions: reporting, throttling, and blocking.

The Exchange Team explains that any Exchange server that has reached end-of-life, such as Exchange 2007, Exchange 2010, and soon Exchange 2013, or remains unpatched for known vulnerabilities, will be considered persistently vulnerable. Exchange 2016 and Exchange 2019 servers that are significantly behind on security updates are also included in this category.

The new enforcement system is designed to alert admins about security risks in their environment and to protect Exchange Online recipients from potentially malicious messages sent from persistently vulnerable Exchange servers. It will only affect servers running Exchange Server 2007 using OnPremises connectors to send mail at first, to allow fine tuning before expanding to all Exchange versions, regardless of how they connect to Exchange Online, after tuning.

This announcement follows a January call to action by Microsoft, urging customers to keep their on-prem Exchange servers up-to-date by applying the latest supported Cumulative Update (CU), always to have them ready for incoming emergency security updates.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Hamilton Estimates $52 Million to Rebuild IT Systems After Ransomware Attack

The city of Hamilton plans to spend $52 million over the next three years to rebuild and secure...

Avery Data Breach: Credit Card Skimmer Affects Over 61,000 Customers

Label maker Avery has disclosed a data breach affecting 61,193 customers, caused by a credit card skimmer that...

Scammed Company Ordered to Pay $190k for Fraudulent Invoice Payment

A hacker gained access to Mobius Group’s email system and sent instructions from a legitimate email address, directing...

Sneaky 2FA: A Sophisticated Attack Defeats Both 2FA and Phishing Protections

A new phishing kit, ominously named "Sneaky 2FA," has emerged, targeting Microsoft 365 users by bypassing two-factor authentication...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways