Important Information on the Recent Microsoft Exchange Server Vulnerabilities

Updated: Mar 17

Over 30,000 organizations have been affected by the recent Microsoft Exchange Server vulnerability announced in early March.

Experts have learned that, after accessing the victim’s environment, criminals leave behind a web shell or back door, a hacking tool that can be used by the criminal to subsequently access the same environment. Critically, the criminal’s web shell remains even after the Exchange Server is patched with the latest Microsoft updates. Therefore, all Exchange servers should be inspected for signs of unauthorized access and any web shells must be removed.

Make sure your system administrator has done the following:

STEP ONE: Patch first!

All Exchange servers should be patched immediately to address the four identified vulnerabilities.

STEP TWO: Investigate whether your server has been compromised

Review Microsoft’s advice and download the Microsoft Safety Scanner (a Microsoft-developed scan tool) onto the email server, launch the program, agree to the license agreements, and click the “Full scan” option. This tool will automatically delete any detected files and not quarantine them. Once the scan is complete, the tool will report the deleted files. When done using the scanner, uninstall the tool simply by deleting the msert.exe executable. Importantly, this tool is only used to spot scans and should NOT be relied upon as an antivirus program.

33 views0 comments

What Our Insureds Say

"...Impressed with all aspects of their handling of the case from the initial intake to the consummation of settlement"

“About two years ago, I had a claim made against a co-counsel and me.  AIM hired excellent counsel to represent me in the matter.  There were very unusual circumstances in the case and AIM and counsel were able to get the claim settled without a suit being filed.  Everything they and the attorneys did was done with my full involvement and with the utmost consideration for all of the many and complicated aspects created by such circumstances.  I have nothing but praise for all that you and the AIM team did in this situation.”

© 2020 by Attorneys Insurance Mutual of the South, Inc.

Proudly created by Cartography Consulting.

Attorneys Insurance Mutual of the South, Inc., Risk Retention Group

200 Inverness Parkway
Birmingham, Alabama 35242


Tel: 205-980-0009

Toll-Free: 800-526-1246

Fax: 205-980-9009

Connect online:

  • White LinkedIn Icon
  • Twitter
  • Facebook