- How to Become a Chief Information Officer: CIO Cheat Sheet
- 3 handy upgrades in MacOS 15.1 - especially if AI isn't your thing (like me)
- Your Android device is vulnerable to attack and Google's fix is imminent
- Microsoft's Copilot AI is coming to your Office apps - whether you like it or not
- How to track US election results on your iPhone, iPad or Apple Watch
NCSC: Install Latest Microsoft Exchange Server Updates Urgently
The National Cyber Security Center (NCSC) is encouraging all UK organizations to install the latest Microsoft Exchange Server updates as a matter of urgency.
The urgent advisement comes after Microsoft released out-of-band patches to fix multiple zero-day Exchange Server vulnerabilities believed to be being exploited by Chinese state-sponsored actors last week.
A week later, ESET claimed that more than 10 different advanced persistent threat (APT) groups have been detected exploiting the vulnerabilities, with the security firm having identified more than 5000 global email servers affected by malicious activity.
The NCSC’s updated alert provides advice that will help reduce the risk of future ransomware and other malware infections.
NCSC director for operations, Paul Chichester, said: “We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organizations take immediate steps to protect their networks.
“Whilst this work is ongoing, the most important action is to install the latest Microsoft updates.
“Organizations should also be alive to the threat of ransomware and familiarize themselves with our guidance. Any incidents affecting UK organizations should be reported to the NCSC.”
All organizations are advised to proactively search systems for evidence of compromise, in line with Microsoft’s public advice, the NCSC added.