I like how they emphasize that on-premise deployments are the ones that are likely to be vulnerable. A big cloud host, with thousands or even millions of customers using #Exchange, is an even more tempting target.
Yes, they have the resources to detect and remediate the attackers, but they definitely can attract their share of bad actors.
@lnxw48a1 That is why, as much as I hate the whole O365 thing, if you are going to use it then get straight from M$ and not from some other provider. I haven't looked but I would guess they had the patches installed before they were released for general deployment.