In this article, we'll explore high volume logon attacks (HVAs) against on-premise Microsoft Exchange servers including the ongoing detrimental effects on the organization being attacked. Active Directory (AD) environments are particularly susceptible because a single compromised account can trigger widespread network infiltration. As a result, password attacks can lead to severe consequences, including data breaches, [...]

Organizations running Exchange Server SE always utilize firewalls to help protect the environment. These range from very expensive comprehensive systems with many features to firewalls with very basic security controls. I’m always surprised by the very diverse deployments across the many customer systems we encounter.  Why Traditional Firewalls and Geo-Blocking Fall Short Some firewalls offer [...]

For years, users of the open-source email client Thunderbird have faced a common hurdle in corporate environments: Microsoft Exchange. While Thunderbird has always been a robust alternative to Outlook, connecting it to Exchange servers often required paid third-party add-ons (like Owl or ExQuilla) or relying on sometimes-fickle IMAP/POP configurations. With the release of Thunderbird 145, that [...]

The threat outlook for on-premises Exchange Server SE security has shifted from "constant monitoring" to "imminent threat." In a new joint advisory, the NSA, CISA, the FBI, and international partners (ASD's ACSC and CCCS) have issued a stark warning: nation-state actors and cybercriminals continuously target Exchange environments. With the release of this guidance, it is [...]

This month, Microsoft has announced that no security updates are being released for any version of Exchange Server in November 2025. This includes all customers using Exchange Server SE as well as those with Extended Security Updates (ESU) for Exchange Server 2019 and 2016. Microsoft reminds customers that although mainstream support for Exchange 2016 and 2019 has [...]

CISA and NSA have released urgent security guidance for organizations running Microsoft Exchange Server, warning that on-premises instances face imminent threats from nation-state attackers and cybercriminals. The joint advisory, developed with Australia's Cyber Security Centre and Canada's Cyber Centre, addresses persistent exploitation attempts targeting both Exchange servers and Windows Server Update Services (WSUS) infrastructure.​ Growing [...]

Microsoft has officially announced the end of support for Office Online Server, effective December 31, 2026. This decision affects organizations that rely on on-premises browser-based document editing and viewing capabilities, pushing them toward Microsoft 365 or alternative solutions as they plan their migration strategies.​ What is Office Online Server Office Online Server was designed to provide [...]

Cybersecurity researchers have uncovered a widespread attack campaign exploiting Microsoft 365 Exchange Online's Direct Send feature, allowing threat actors to spoof internal users and deliver phishing emails without compromising a single account. Cisco Talos, Varonis Threat Labs, and multiple email security vendors report that over 70 organizations across various industries have been targeted since May [...]

Microsoft has released critical security updates for Exchange Server, marking a significant milestone as these represent the final publicly available updates for Exchange Server 2016 and 2019. The October 2025 Security Updates (SUs) address multiple vulnerabilities across Exchange Server Subscription Edition (SE), Exchange Server 2019, and Exchange Server 2016.​ Affected Versions and Availability The October [...]

Suspected Chinese hackers have infiltrated the Microsoft Exchange email servers of foreign ministries across Africa, the Middle East, and Asia in a sophisticated, multi-year espionage operation. Researchers at Palo Alto Networks' Unit 42 threat intelligence division revealed the discovery of Phantom Taurus, a previously undocumented nation-state actor conducting intelligence collection operations aligned with People's Republic [...]

With Microsoft retiring support for Exchange Server 2016 and 2019 this month, Exchange Server Subscription Edition (SE) will become the only supported on-premises version. Microsoft has announced a 6-month Extended Security Update (ESU) program to give customers time to complete migrations. Messageware, a leading provider of security solutions for Microsoft Exchange, is pleased to confirm [...]

Microsoft has issued a critical reminder that Exchange Server 2016 and Exchange Server 2019 will reach end of support on October 14, 2025, with less than one month remaining to prepare and act. Organizations must plan an immediate migration path to remain secure and compliant, either to Exchange Online or to the new Exchange Server Subscription Edition [...]

Microsoft has released the September 2025 Hotfix Updates (HUs) for Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition (SE). These non-security updates address specific issues in earlier releases and include continued support for the dedicated Exchange hybrid app functionality. HUs are available for the following specific versions of Exchange Server: Exchange Server [...]

Messageware is pleased to announce that Messageware AttachView is now fully compatible with Exchange Server SE, delivering complete Outlook Web attachment protection for organizations migrating to or running SE environments. As the only third-party solution purpose-built for Exchange Server SE, AttachView provides unmatched security for Outlook Web attachments. By instantly converting files into secure, browser-based [...]

Microsoft has released the August 2025 Security Updates (SUs) for Exchange Server 2016, Exchange Server 2019, and Exchange Server Subscription Edition (SE). These cumulative updates address multiple vulnerabilities and introduce default security hardening, and they explicitly include the capability required for on‑premises Exchange to support and use the dedicated Exchange hybrid app needed to mitigate [...]

Microsoft has disclosed a high-severity vulnerability in Exchange Server hybrid deployments that poses significant risks to organizations worldwide. CVE-2025-53786, with a CVSS score of 8.0, enables attackers to escalate privileges from on-premises Exchange servers to connected cloud environments without leaving detectable audit trails. The Core Security Flaw The vulnerability exploits a fundamental design weakness in Exchange [...]

A sophisticated new threat has emerged targeting Microsoft Exchange infrastructure worldwide. Kaspersky's Global Research and Analysis Team recently uncovered GhostContainer, a highly advanced backdoor malware that leverages open-source tools to establish persistent access to Exchange servers. This analysis examines the technical mechanisms, attack vectors, and implications of this threat for enterprise security teams managing Exchange deployments. GhostContainer [...]

A critical zero-day vulnerability in Microsoft SharePoint has triggered widespread cyberattacks across the globe, affecting businesses, government agencies, and educational institutions. The attack exploits a previously unknown security flaw that allows hackers to gain complete control over on-premises SharePoint servers without authentication. Microsoft has now directly attributed these attacks to Chinese state-sponsored hacking groups. Scale [...]

Microsoft has announced an optional 6-month Extended Security Update (ESU) program for Exchange Server 2016 and 2019, providing a temporary bridge for organizations struggling to complete their migrations before the upcoming end-of-support deadline. This program represents Microsoft's response to customer feedback indicating that some organizations need additional time to finalize their transitions to Exchange Subscription [...]

The second week of July 2025 marked a significant disruption in Microsoft's cloud ecosystem, with a cascading series of outages that affected millions of users worldwide. What began as isolated reports of service issues on July 9th quickly escalated into one of the most prolonged and impactful outages in Microsoft 365's history, lasting over 19 [...]