Detections
Analytics
Unsupported or Outdated Exchange Servers
high
Language:
Description
To secure and maintain full support for your Microsoft Exchange environment, identify and address obsolete servers or those missing the latest Cumulative Updates. Unsupported or unpatched Exchange servers increase the risk of exploitation, exposing your organization to potential data breaches and ransomware attacks.
Keeping your Exchange infrastructure up to date safeguards critical email communications and sensitive data while mitigating common exploitation techniques. Given Exchange's deep integration with Active Directory and its potential high-level domain permissions, regular updates help reduce security risks and strengthen overall protection.
Solution
Microsoft currently supports Exchange Server 2016 and 2019, which you should always keep updated with the latest Cumulative Update. Organizations should migrate any other versions as soon as possible to prevent potential compromise.
See Also
Exchange Server build numbers and release dates
Prepare Active Directory and domains for Exchange Server (2019)
Prepare Active Directory and domains for Exchange Server (2016)
Indicator Details
Name: Unsupported or Outdated Exchange Servers
Codename: C-EXCHANGE-VERSION
Severity: High
Type: Active Directory Indicator of Exposure
- Tactic: TA0001 - Initial Access
- Techniques: T1190 - Exploit Public-Facing Application
- Tactic: TA0004 - Privilege Escalation
- Techniques: T1068 - Exploitation for Privilege Escalation
- Tactic: TA0008 - Lateral Movement
- Techniques: T1210 - Exploitation of Remote Services