The US Cybersecurity and Infrastructure Security Agency has added three known exploits to its Known Exploited Vulnerabilities Catalog – this list should be seen as a “Must Patch Now” list.
Two of the exploits are for Microsoft Exchange are being actively exploited:
CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
