This vulnerability is part of an attack chain. The initial attack requires the ability to make an untrusted connection to Exchange server port 443. This can be protected against by restricting untrusted connections, or by setting up a VPN to separate the Exchange server from external access. However, other portions of the chain can be triggered if an attacker already has access or can convince an administrator to open a malicious file.
Versions affected: The following versions of Microsoft Exchange Server are compromised while Exchange Online remains unaffected. Microsoft Exchange Server 2010 is being updated for Defense in Depth purposes.
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
The other vulnerabilities addressed are as follows:
To fix these vulnerabilities, install the out of band updates released as soon as possible. Initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Once synced, search for the following Patch IDs and deploy them to your target systems.
Patch ID | Bulletin ID | Patch Description |
30930 | MS21-FEB18 | Security Update For Exchange Server 2013 CU23 (KB5000871) |
30931 | MS21-FEB18 | Security Update For Exchange Server 2016 CU18 (KB5000871) |
30932 | MS21-FEB18 | Security Update For Exchange Server 2016 CU19 (KB5000871) |
30933 | MS21-FEB18 | Security Update For Exchange Server 2019 CU7 (KB5000871) |
30934 | MS21-FEB18 | Security Update For Exchange Server 2019 CU8 (KB5000871) |
30935 | MS21-FEB18 | Update Rollup 32 For Exchange 2010 SP3 (KB5000978) |
31069 | MS21-MAR8 | Security Update For Exchange Server 2016 CU14 (KB5000871) |
31070 | MS21-MAR8 | Security Update For Exchange Server 2016 CU15 (KB5000871) |
31071 | MS21-MAR8 | Security Update For Exchange Server 2016 CU16 (KB5000871) |
31072 | MS21-MAR8 | Security Update For Exchange Server 2019 CU4 (KB5000871) |
31073 | MS21-MAR8 | Security Update For Exchange Server 2019 CU5 (KB5000871) |
31074 | MS21-MAR8 | Security Update For Exchange Server 2019 CU6 (KB5000871) |
31075 | MS21-MAR8 | Security Update For Exchange Server 2013 CU21 (KB5000871) |
31076 | MS21-MAR8 | Security Update For Exchange Server 2013 CU 22 (KB5000871) |
31077 | MS21-MAR8 | Security Update For Exchange Server 2016 CU12 (KB5000871) |
31078 | MS21-MAR8 | Security Update For Exchange Server 2016 CU13 (KB5000871) |
31079 | MS21-MAR8 | Security Update For Exchange Server 2016 CU17 (KB5000871) |
31080 | MS21-MAR8 | Security Update For Exchange Server 2019 CU3 (KB5000871) |
31081 | MS21-MAR8 | Security Update For Exchange Server 2016 CU10 (KB5000871) |
31082 | MS21-MAR8 | Security Update For Exchange Server 2016 CU11 (KB5000871) |
31083 | MS21-MAR8 | Security Update For Exchange Server 2019 RTM (KB5000871) |
31084 | MS21-MAR8 | Security Update For Exchange Server 2019 CU1 (KB5000871) |
31085 | MS21-MAR8 | Security Update For Exchange Server 2019 CU2 (KB5000871) |
31086 | MS21-MAR8 | Security Update For Exchange Server 2016 CU8 (KB5000871) |
31087 | MS21-MAR8 | Security Update For Exchange Server 2016 CU9 (KB5000871) |
Cheers,