Update 09-03-2021: The vulnerabilities in Microsoft Exchange Server are still actively being abused. It is of grave importance that you update your server, if you have not done so already, as well as run the script made by Microsoft to check for abuse on your server.
Microsoft recently published an update to solve multiple vulnerabilities in Microsoft Exchange Server. These vulnerabilities give malicious parties the opportunity to grant themselves access to the email accounts on the server and install malware. Proof of concept code of several of these vulnerabilities has already been published online. More information about the vulnerabilities can be found on the official Microsoft blog.
Because these vulnerabilities have already demonstrably been abused, it is imperative that you update your Exchange Server as soon as possible. We have published a guide on our Knowledge Base to help you with the update. It is also advised to turn on automatic updates, if you had not done so already.
We also strongly urge you to research if any of the vulnerabilities have been abused on your VPS. To help you, Microsoft has created a script that scans your server. If the scan turns up apparent abuse, it is important that you make a back-up of your data and perform a reinstall of your VPS. Don’t forget to also update the passwords of the email accounts on your server. Just installing the update will not be sufficient in this case.
If you have any further questions, please contact us via the control panel. We would be happy to help.