Protecting against recent MS Exchange Exploits

What do I need to proxy in Cloudflare DNS for my Exchange 2016 server to be protected against the recent security exploits (Protecting against recently disclosed Microsoft Exchange Server vulnerabilities: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065)? I have enabled WAF and the firewall special rules but do I need to do anything else (e.g. proxying additional DNS records)

If you have all the WAF rules in place then you should be secure from any malicious user reaching your Exchange server through Cloudflare.

To fully safe the server you should patch the server ASAP and look into access control such as Cloudflare for Teams to prevent unauthorised users from touching your Exchange servers in future.

The blog post from Cloudflare links to other relevant links from Microsoft which are worth having a read through.

This topic was automatically closed after 30 days. New replies are no longer allowed.