NCSC warns businesses to update mail exchange server ‘as a matter of urgency’

12 March 2021, 17:24

Person using a laptop
NCSC warns businesses to update mail exchange server as a matter of urgency. Picture: PA

Vulnerability in Microsoft Exchange Server, used by companies across the world, first came to light last week.

Businesses in the UK have been warned to install a security patch as a matter of urgency by the country’s cyber experts, amid concerns that thousands of email servers could be vulnerable.

The National Cyber Security Centre (NCSC) has redoubled guidance about a Microsoft Exchange Server issue, which could be highly damaging if exploited by hackers.

Microsoft Exchange Server is used by firms across the globe for managing email and calendars.

An alert was first published by the information security arm of GCHQ on March 3, urging firms to install the latest update for 2013, 2016 and 2019 editions of Microsoft Exchange Server immediately.

It is believed between 7,000 and 8,000 exchange servers could be vulnerable, but only half of them are thought to be currently patched.

All organisations are advised to proactively search systems for evidence of compromise in case they have already been affected.

Microsoft believes a highly skilled and sophisticated actor, dubbed Hafnium, is behind the campaign, and is backed by China’s government.

At present, there have been no reported cases of the vulnerability being used to attack businesses in the UK, but the NCSC fears small business in particular could be hit if advice is missed.

Paul Chichester, NCSC director for operations, said: “We are working closely with industry and international partners to understand the scale and impact of UK exposure, but it is vital that all organisations take immediate steps to protect their networks.

“Whilst this work is ongoing, the most important action is to install the latest Microsoft updates.

“Organisations should also be alive to the threat of ransomware and familiarise themselves with our guidance. Any incidents affecting UK organisations should be reported to the NCSC.”

By Press Association

More Technology News

See more More Technology News

Elon Musk

How Elon Musk’s influence has grown both online and offline in 2024

Hands holding the iPhone 16

How smartphones powered the AI boom in 2024

London skyline

US investor to snap up maritime AI specialist Windward for £216m

Donald Trump

How will a second Trump presidency impact the tech world in 2025?

Morning drone (002)

Drone project reaches ‘important milestone’ with final trial flights

Prime Minister hosts Chanukah reception

AI tech giants should not be subsidised by British creatives, Starmer signals

Dr Craig Wright arrives at the Rolls Building in London for the trial earlier this year (Lucy North/PA)

Computer scientist behind false Bitcoin founder claim sentenced for contempt

Google has been contacted for comment (PA)

ICO criticises Google over ‘irresponsible’ advertising tracking change

Some 22% of consumers have increased their use of second-hand shopping apps in the past three months (Depop/PA)

Millions of Britons earning average £146 a month on second-hand platforms

ChatGPT being used via WhatsApp

ChatGPT joins WhatsApp to allow anyone to access the AI chatbot

A Facebook home page on a laptop screen

Meta fined more than 250 million euro by Irish data commission following breach

Finger poised above WhatsApp app on smartphone

Ending use of WhatsApp is ‘clear admission’ Government was wrong, claim Tories

Phone with WhatsApp on the screen

Scottish Government to cease use of WhatsApp by spring, says Forbes

Open AI

OpenAI rolls out ChatGPT search engine tool to all users

Most people happy to share health data to develop artificial intelligence

Government launches consultation on copyrighted material being used to train AI

Debbie Weinstein

Google names UK executive as president for Europe, Middle East and Africa

More Tech News

See more More Tech News

A person's hands on a laptop

UK to hold conference of developers in Silicon Valley to discuss AI safety

Man in a video conference with his team

Scientists reveal the type of virtual backgrounds associated with ‘Zoom fatigue’

Taoiseach Simon Harris (Brian Lawless/PA)

Taoiseach to meet with gardai and regulators over online safety

Several accounts on X appear to have been hacked on Wednesday evening (Dominic Lipinski/PA)

Accounts of several politicians and organisations hacked on X

Tesco Clubcard

Tesco ‘could use Clubcard data to nudge customers towards healthier choices’

A woman using a mobile phone

AI voice cloning scam warning issued by bank

Latest UK News

See more Latest UK News

A group of people thought to be migrants are brought in to Dover, Kent, from a Border Force vessel following a small boat incident in the Channel. Picture date: Thursday December 26, 2024.

More than 450 migrants crossed Channel in small boats on Christmas Day, Home Office figures show
A row has erupted over Reform UK's claims about membership

Row erupts between Reform and Tory Party over membership figures - as Farage accuses Badenoch of being 'bitter'
World Health Organization WHO Director-General Tedros Adhanom Ghebreyesus

Head of WHO claims to have been in Yemen airport during Israeli air strikes on Houthi targets - as crew member injured
PALESTINIAN-ISRAEL-CONFLICT-PRESS

Palestinian journalists killed in Israeli airstrike outside hospital in Gaza Strip, Health Ministry claims
Shoppers walk outside Selfridge's store in Oxford Street during Boxing Day sales

High Street suffers as Boxing Day shoppers stay at home

Rail Passengers Brace For Wave Of Strikes Through Holiday Season

More than 360,000 UK train services were fully or part-cancelled in past year - as reliability plummets

More Topics

See more More Topics

War in Ukraine

Cost of Living Crisis

UK Strikes

Immigration

Crime & Police

London

NHS

Royal News