Close Menu
geekfence.comgeekfence.com
    What's Hot

    Genghis AI: Turning tax advisory labour into software

    July 12, 2026

    TechCrunch Mobility: A robotaxi ultimatum

    July 12, 2026

    Choosing the Right AI Agent Memory Strategy: A Decision-Tree Approach

    July 12, 2026
    Facebook X (Twitter) Instagram
    • About Us
    • Contact Us
    Facebook Instagram
    geekfence.comgeekfence.com
    • Home
    • UK Tech News
    • AI
    • Big Data
    • Cyber Security
      • Cloud Computing
      • iOS Development
    • IoT
    • Mobile
    • Software
      • Software Development
      • Software Engineering
    • Technology
      • Green Technology
      • Nanotechnology
    • Telecom
    geekfence.comgeekfence.com
    Home»UK Tech News»Cyber agencies produce ‘long overdue’ best practices for securing Microsoft Exchange Server – Computerworld
    UK Tech News

    Cyber agencies produce ‘long overdue’ best practices for securing Microsoft Exchange Server – Computerworld

    AdminBy AdminNovember 2, 2025No Comments3 Mins Read3 Views
    Facebook Twitter Pinterest LinkedIn Telegram Tumblr Email
    Cyber agencies produce ‘long overdue’ best practices for securing Microsoft Exchange Server – Computerworld
    Share
    Facebook Twitter LinkedIn Pinterest Email



    The guidance

    The guidance states admins should treat on-prem Exchange servers as being “under imminent threat,” and itemizes key practices for admins:

    • First, it notes, “the most effective defense against exploitation is ensuring all Exchange servers are running the latest version and Cumulative Update (CU)”;
    • It points out that Microsoft Exchange Server Subscription Edition (SE) is the sole supported on-premises version of Exchange, since Microsoft ended support for previous versions on October 14, 2025;
    • It urges admins to ensure Microsoft’s Emergency Mitigation Service remains enabled for delivery of interim mitigations;
    • It urges admins to establish a security baseline for Exchange Server, mail clients, and Windows. Maintaining a security baseline enables administrators to identify non-conforming systems and those with incorrect security configurations, as well as allowing them to perform rapid remediation that reduces the attack surface available to an adversary;
    • It advises admins to enable built-in protection like Microsoft Defender Antivirus and other Windows features if they aren’t using third party security software. Application Control for Windows (App Control for Business and AppLocker) is an important security feature that strengthens the security of Exchange servers by controlling the execution of executable content, the advice adds;
    • It urges admins to make sure only authorized, dedicated administrative workstations should be permitted to access Exchange administrative environments, including via remote PowerShell;
    • It tells admins to make sure to harden authentication and encryption for identity verification;
    • It advises that Extended Protection (EP) be configured with consistent TLS settings and NTLM configurations. These make EP operate correctly across multiple Exchange servers;
    • It advises admins to ensure that the default setting for the P2 FROM header is enabled, to detect header manipulation and spoofing;
    • It says admins should enable HTTP Strict Transport Security (HSTS) to force all browser connections to be encrypted with HTTPS.

    Given the number of configuration options available, it can be difficult for many organizations to select the optimal security configuration for their particular organization at the time of installation, Beggs admits. This is made more complex, he said, if implementations occur in a shared services model where the Exchange server is hosted in the cloud, and may be configured and maintained by a third party, and responsibility for a secure configuration is not clear. 

    “A little-recognized aspect of securely configuring Exchange is that applying patches and upgrades from the vendor may reset or change some security configuration information,” he noted. While the guidance urges admins to ‘apply security baselines,’ Beggs said they should verify that the correct security baseline was applied. And, he added, they should review configuration settings at least quarterly.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Genghis AI: Turning tax advisory labour into software

    July 12, 2026

    ‘Rotten to its core’ — Apple files an explosive lawsuit against OpenAI – Computerworld

    July 11, 2026

    This Hidden App Lets you Customise Your Samsung Galaxy Phone

    July 10, 2026

    From answer to act: the next phase of Artificial Intelligence (AI) in banking and financial services 

    July 9, 2026

    Why Discipline Beats Vision

    July 8, 2026

    How to go incognito in Chrome, Edge, Firefox, and Safari – Computerworld

    July 7, 2026
    Top Posts

    Understanding U-Net Architecture in Deep Learning

    November 25, 202560 Views

    Hard-braking events as indicators of road segment crash risk

    January 14, 202631 Views

    Redefining AI efficiency with extreme compression

    March 25, 202629 Views
    Don't Miss

    Genghis AI: Turning tax advisory labour into software

    July 12, 2026

    Guest post by Michael Kilarney Co-Founder Genghis AI The 2023 idea of “tax AI” is…

    TechCrunch Mobility: A robotaxi ultimatum

    July 12, 2026

    Choosing the Right AI Agent Memory Strategy: A Decision-Tree Approach

    July 12, 2026

    Handling Class Imbalance in ML: Better Alternatives to SMOTE

    July 12, 2026
    Stay In Touch
    • Facebook
    • Instagram
    About Us

    At GeekFence, we are a team of tech-enthusiasts, industry watchers and content creators who believe that technology isn’t just about gadgets—it’s about how innovation transforms our lives, work and society. We’ve come together to build a place where readers, thinkers and industry insiders can converge to explore what’s next in tech.

    Our Picks

    Genghis AI: Turning tax advisory labour into software

    July 12, 2026

    TechCrunch Mobility: A robotaxi ultimatum

    July 12, 2026

    Subscribe to Updates

    Please enable JavaScript in your browser to complete this form.
    Loading
    • About Us
    • Contact Us
    • Disclaimer
    • Privacy Policy
    • Terms and Conditions
    © 2026 Geekfence.All Rigt Reserved.

    Type above and press Enter to search. Press Esc to cancel.