Skip to main content

Cyber Security – Microsoft Exchange Server

By March 8, 2021June 13th, 2023No Comments

A notice forwarded to us by our partners at Cowbell Cyber.

What happened?

4 vulnerabilities (weaknesses in software code that can be used to intrude into your network) have been identified on Microsoft Exchange Server and exploited by hackers.

Who is impacted?

Organizations running Exchange Server in-house, versions 2013 through 2019. Organizations running Microsoft 365 in the cloud are not impacted.

What to advise policyholders to do?

  • Microsoft has published patches and urges IT administrators, to apply the security fixes immediately.
  • If patching immediately is not an option, Microsoft has made interim mitigation options available.
  • The Exchange server might have been compromised prior to patches being applied. Microsoft has made available a script on GitHub for IT administrators to run and test whether the Exchange server has already been compromised. This includes indicators of compromise (IoCs) linked to the four vulnerabilities. IoCs are listed separately here.

If you doesn’t have any IT resources available to help and doesn’t know how to determine whether they run a version of Exchange Server that is impacted, Cowbell’s Risk Engineering team is here to help.

Please call 833-MEET-MOO / (833) 633-8666) Extension 711 or email us at

Help your client avoid future cyberattacks

As a Cowbell Cyber policyholder you can login to their platform, view your cyber risk ratings, get insights on risk exposure and benefit from recommendations to improve your risk.

Stay Safe.
The Cowbell Risk Engineering Team.

Thank you to Cowbell Cyber for this information to help our clients keep there data safe.

Derek Knapp 925-827-0510

AGENT2000, Commercial and Personal Insurance Brokers.

Click here if you have cyber insurance questions.