Microsoft customers who use Exchange Online for all their email still often have to run on-premises Exchange to be supported – and that is a burden they could do without as new vulnerabilities appear.
“This past week, security researchers discussed several ProxyShell vulnerabilities, including those which might be exploited on unpatched Exchange servers to deploy ransomware or conduct other post-exploitation activities,” warned Microsoft’s Exchange team yesterday. “It is critical to keep your Exchange servers updated with latest available Cumulative Update (CU) and Security Update (SU).”
It’s good advice, but many affected organisations would rather not run Exchange on-premises at all. They do so because Microsoft insists on it – even when all their mail is handled by Exchange Online.