New Zero-Day Vulnerabilities in Microsoft Exchange: The Problem with On-Premise Servers

On December 22, Huntress, a cybersecurity organization, observed a significant increase in malicious PowerShell activity, where hackers were able to launch Server-Side Request Forgery and allow remote code execution. In this instance, the attackers are exploiting zero-day vulnerabilities, a hole in security that has been reported but is still unpatched in a system or device, to deploy web shells for persistence and data theft.

Why is Microsoft Exchange vulnerable to these attacks?

A Microsoft Exchange Server is an on-premises server set up and used in a company's own data center or network on actual hardware. On-prem servers are vulnerable to attacks if not monitored and consistent with updates to keep hackers from stealing sensitive information. In our blog, Cloud vs. On-prem: Why Cloud Services is Beneficial to Your Work Processes, we explain the issues of on-prem servers and how they can be more vulnerable to security flaws.

When Microsoft discovers problems in its services, it will release a patch that must be implemented on the server almost immediately. Patching the server is the responsibility of the company and its IT team. Frequently, mandatory updates to the on-premises server are not completed on time, exposing a vulnerability that con artists might exploit to access systems.

Another cause for exploits is that it's a widely-used platform. Thus, attackers will likely take advantage of any software flaws or vulnerabilities. Exchange Server is a desirable target for attackers because it's used as an email system and is open and exposed to the internet.

We urge you to make the switch to online servers.

Microsoft Office 365, servers in numerous data centers and linked to a single cloud, instantly patches any vulnerabilities and updates and improves software for all cloud users. As a result, the firm is relieved of the burden of ensuring that their IT company is regularly patching their on-premise server, as this would be done automatically with the cloud server.

Microsoft’s spending is geared much more towards Office 365 than Exchange Server, so security is by far better there. Plus, it offers other security features and filters that Exchange has, as well as better integrations with other Microsoft products.

Infiniwiz encourages users to migrate to Office 365, so they don't have to worry about updating on-premise servers and the potential security risk that can occur if any gaps allow con artists to attack and steal important information. We have a lot of experience with Exchange Server to Office 365 migrations so we can assist. If you have any questions, feel free to contact us!

Our job is to help companies create more unified business functions, improve customer service, and utilize technology to move forward. Chicago-experienced IT consulting experts will make your technology work for you and keep you from spending endless, frustrating hours managing your business IT. Managed IT is when the Infiniwiz team proactively takes care of all the IT headaches and hassles for you…So you can get done on your “to-do” list – like growing the business!