Here’s how to keep your business safe

The ACSC is advising organisations using Microsoft Exchange to urgently patch the following vulnerabilities:

  • CVE-2021-26855 - server-side request forgery (SSRF) vulnerability in Exchange.
  • CVE-2021-26857 - insecure deserialization vulnerability in the Unified Messaging service.
  • CVE-2021-26858 - post-authentication arbitrary file write vulnerability in Exchange.
  • CVE-2021-27065 - post-authentication arbitrary file write vulnerability in Exchange.

What do I need to do?

Microsoft has released security patches for the following versions of Microsoft Exchange:

  • Microsoft Exchange Server 2013
  • Microsoft Exchange Server 2016
  • Microsoft Exchange Server 2019

There are three different methods to get and install the update, with detailed instructions available on the Microsoft website.

Once the update has installed, businesses should undertake the detection scan for indicators of compromise which are described on the Microsoft blog.

Any organisations that have been impacted or require additional assistance can contact the ACSC on 1300-CYBER1.

What could happen if my business doesn’t apply the patches?

If the patches aren’t applied, then together these vulnerabilities could allow an unauthenticated attacker to write files and execute code with elevated privileges on your Microsoft Windows operating system.

A range of cyber attackers – including some in the business of ransomware – are already moving in to take advantage of businesses that have not yet applied the updates, which is why it is critical to do so as soon as possible.

To find out more, visit cyber.gov.au

Things you should know

As the advice on this website has been prepared without considering your objectives, financial situation or needs, you should, before acting on the advice, consider its appropriateness to your circumstances.