Exclusive: Schools urged to act after Microsoft breach

DfE 'strongly' recommends schools install necessary updates 'immediately' following Microsoft security notice

Amy Gibbons


Schools have been urged to take action after a "number of attacks" on Microsoft servers, Tes can reveal.

In an email to heads seen by Tes, the Department for Education (DfE) has "strongly" recommended that schools install necessary updates "immediately" following a security notice from Microsoft.

The email states: "Microsoft has made public that a number of attacks have been made on Exchange servers through easily exploitable but highly impacting vulnerabilities. In response, they have released multiple security updates for affected servers.

Security: DfE broke the law on pupil data protection

Warning: Schools 'find malware' on DfE laptops

Advice: How schools can protect their pupils' data

"We recommend following vendor best practice advice in the mitigation of vulnerabilities. In this case, the most important aspect is to install the latest updates immediately.

"More information about the security updates can be found on Microsoft's website and advice from the advice from the National Cyber Security Centre.

"We strongly recommend that schools that use Microsoft Exchange:

  • read the guidance referenced above
  • install the necessary updates immediately
  • stay informed of any future updates to the guidance from Microsoft (via the links above)."

Microsoft issued "multiple security updates" earlier this week, which advised: "Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem."

Register to continue reading for free

It only takes a moment and you'll get access to more news, plus courses, jobs and teaching resources tailored to you

Amy Gibbons

Amy Gibbons

Amy Gibbons is a reporter at Tes

Find me on Twitter @tweetsbyames

Latest stories