Microsoft Exchange and Active Directory Blog
There are currently still many Exchange servers that have not been provided with the urgently needed security updates. This is not only about the ProxyLogon and ProxyShell vulnerabilities, which were already closed in April by corresponding updates, but now also about the vulnerability CVE-2021-42321, which has been closed with the latest Exchange updates. About the exploitation of ... Read more
Microsoft has released new security updates for all supported Exchange Servers (2013, 2016, 2019). In particular, Microsoft mentions the vulnerability CVE-2021-42321 (Remote Code Execution) in Exchange 2016 and 2019, which is already being exploited in a limited number of targeted attacks. The number of attacks is likely to increase as the update may now make the vulnerability easier to detect. ... Read more
Microsoft has released new security updates for Exchange Server 2013, 2016 and 209. These three vulnerabilities are fixed in Exchange Server 2016 and 2019: CVE-2021-41350 CVE-2021-41348 CVE-2021-34453 CVE-2021-41348 is a High severity vulnerability that allows privilege escalation. The following vulnerability is fixed in Exchange 2013: CVE-2021-26427 CVE-2021-26427 is ... Read more
It's currently in the news again: attackers are trying to exploit Exchange security vulnerabilities. This time, however, the updates have been available for some time. Anyone who has not yet installed the latest security updates should do so as soon as possible. Here is a summary of the available security updates: New security updates for Exchange Server (April 2021) New security updates for Exchange Server ... Read more
After installing the July security updates, it may happen that the Exchange Administrative Center (EAC) and OWA can no longer be opened. The cause is an expired certificate for Exchange Server OAuth authentication. Microsoft also refers to this problem in the release notes of the updates. Unfortunately, the notes on the updates are overlooked ... Read more
A week ago, Microsoft released new security updates for Exchange Server 2013, 2016 and 2019. I'm only reporting on this now because I've been on vacation for the last 14 days. But thanks to the CVE reporter, this shouldn't be a problem :-) The following four vulnerabilities are closed by the updates CVE-2021-31196 CVE-2021-34470 CVE-2021-33768 CVE-2021-31206 Here's ... Read more
Microsoft has released new security updates for all Exchange Server versions (2013 - 2019). This time it concerns the vulnerabilities that were successfully used in Pwn2Own 2021 to attack Exchange Server. The following vulnerabilities are fixed: CVE-2021-31209 CVE-2021-31207 CVE-2021-31198 CVE-2021-31195 Here is a description from the Pwn2Own website, presumably exactly this vulnerability is now fixed: The ... Read more
Microsoft has released new security updates for all Exchange Server versions (2013 - 2019). These are likely to fix the vulnerabilities that were used in the Pwn2Own 2021 to attack Exchange Server. The following vulnerabilities are fixed: CVE-2021-28483 CVE-2021-28482 CVE-2021-28481 CVE-2021-28480 Here is a description from the Pwn2Own website, probably exactly this ... Read more
Due to the severity of the HAFNIUM exploit, Microsoft has released further updates for older Exchange Server versions. However, the updates cannot be obtained via Windows Update, but must be downloaded and installed manually. Further information on the updates can be found here: March 2021 Exchange Server Security Updates for older Cumulative Updates of Exchange Server Some ... Read more
Microsoft has released new security updates for Exchange Server 2016 - 2019. This is a fix for the following vulnerability: CVE-2021-24085: Microsoft Exchange Server Spoofing Vulnerability However, the vulnerability is listed as "Low" severity and an attacker must have Exchange Server credentials to exploit the vulnerability: An ... Read more
