Critical Exchange vulnerability: alert level lowered to yellow

On 3 March, we issued a red alert regarding vulnerable Exchange servers. While the acute phase is now behind us, organisations that have used or are currently using Exchange must conduct an information security investigation.