'That means the vulnerabilities the attackers exploited have been in the Microsoft Exchange Server code base for more than 10 years,' security blogger Brian Krebs wrote in a Monday blog post. Microsoft also took the unusual step of issuing a patch for the 2010 edition, even though support for it ended in October. Generally, Microsoft releases updates on Patch Tuesday, which occurs on the second Tuesday of each month, but the announcement about attacks on the Exchange software came on the first Tuesday, emphasizing its significance.
