Additional guidance and product updates following last week’s March 2021 Exchange Server Security Updates
Microsoft has shared additional guidance and product updates to help you and your customers following last week’s March 2021 Exchange Server Security Updates.
Consolidated Guidance. The below guidance consolidates information from multiple Microsoft blogs and communications to explain the situation and help clarify the steps required to respond:
- An updated MSRC blog post Multiple Security Updates Released for Exchange Server – updated March 8, 2021 to provide a comprehensive overview of the security updates for Exchange Server and recommended steps to patch and remediate.
- Step-by-step instructions on patching and remediation, detailed by version of Exchange Server.
Security updates for older Cumulative Updates of Exchange Server. To help partners and customers who have not yet upgraded their Exchange Servers to current Cumulative Update (CUs), Microsoft is producing additional security updates which can be applied to a set of older (and unsupported) CUs.
This is intended only as a temporary measure to help immediately protect vulnerable machines. You still need to update and have your customers update to the latest supported CU and then apply the applicable Security Updates (SUs). If you or your customers are already mid-update to a later CU, continue with that update.
To learn more about these updates, and important considerations for applying them, please review the Exchange blog post March 2021 Exchange Server Security Updates for older Cumulative Updates of Exchange Server and KB5000871.
We are committed to continuing to partner with you as we work through this issue. Microsoft Customer Success Account Manager and Technical Support Teams will continue to work with your technical teams to assist in addressing this issue.
Information to assist you and your teams:
CSS Support: https://support.microsoft.com/