ACSC releases critical warning for local organisations over new Microsoft email risk

Microsoft_cybersecurity ransomware

Source: Unsplash/Clint Patterson

The Australian Cyber Security Centre (ACSC) has issued urgent advice for local organisations to patch new vulnerabilities discovered in the Microsoft Exchange systems.

A patch to mitigate ‘significant’ new vulnerabilities discovered in Microsoft Exchange 2013, 2016 and 2019 was released on Tuesday.

The ACSC has advised local organisations to apply the patch released this week as a matter of urgency.

Assistant Minster for Defence Andrew Hastie said that any Microsoft patch released prior to April this year did not cover the new vulnerabilities.

“Patches previously released by Microsoft in March 2021 do not remediate these new vulnerabilities, and organisations must urgently apply new updates to prevent potential compromise,” Hastie said.

He stressed the patch would minimise the risk of email software systems being compromised by threat-actorsm, and added that the ACSC had already identified Australian organisations had been targeted.

“This is a critically important task for Australian businesses and organisations,” Mr Hastie said.

“People should visit the new alert, available at, to identify the steps outlined by the ACSC and access the Microsoft guidance.”

This article was first published by The Mandarin.


Notify of
Inline Feedbacks
View all comments
SmartCompany Plus

Sign in

To connect a sign in method the email must match the one on your SmartCompany Plus account.
Or use your email
Forgot your password?

Want some assistance?

Contact us on: or call the hotline: +61 (03) 8623 9900.