This isn't really a full 'Exchange' article, but nevertheless I would like to have your attention on this very important subject. I'll keep it short for this article. First .. the all famous 'code-red worm'. I assume you do have heard about it and have patched your servers right? Well, I can tell you that not everybody has done this. I run two websites supporting Microsoft products at www.exchange-mail.org and www.sharepointserver.com. On average I still receive a few hundred Code Red probes per week. This means that there are still hundreds, maybe thousands of servers NOT patched with the patch which has been available for months now.

Now it isn't really that hard to keep up to date with security issues, as Microsoft provides a free email service to send important Security Bulletins to your inbox. You can subscribe to this at this page.

Another very valuable source of information is NTBugtraq. Run by Russ Cooper, NTBugtraq offers a free mailing list for the discussion of security exploits and security bugs in Windows NT and its related applications.

Also try to stay up to date with the antivirus developments at the website of your vendor. Sometimes they release updates not only for the antivirus definitions, but also for the software itself.

Now, my intentions of this article isn't to present you a full detailed plan of what to do, but to hand you a few sources to check out. After all ... do you want to tell your manager that your servers were hacked and data got lost, and you could have prevented it by installing a patch which had been available for some while?

Till next time !

Martin