It's been three weeks since Microsoft's announcement and I am still running across clients who are vulnerable to the current on-premise Exchange server exploits. Not surprisingly, perhaps, many of these same clients are also behind on their Exchange updates and this raised the bar required to remediate the vulnerabilities.