DearCry ransomware targets vulnerable Exchange servers As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority Share this item with your network: By Published: 12 Mar 2021 13:57 Microsoft has confirmed that a new strain of ransomware is targeting vulnerable on-premise Microsoft Exchange Servers through the dangerous ProxyLogon vulnerabilities as cyber criminal groups zero in on those who have yet to, or are unable to, apply the advised patches. Redmond said via a tweet that the new ransomware, Ransom:Win32/DoejoCrypt.A or DearCry, was being deployed with initial compromise through Exchange Server. It said users of Microsoft Defender who are receiving automatic updates should not need to take action, but on-prem Exchange users should prioritise the updates it has made available, more information on which is available here.