Microsoft closes more gaps in Exchange servers
Microsoft already informed about security vulnerabilities in Exchange servers in March and provided corresponding patches. Now, further security vulnerabilities have emerged that need to be closed immediately.
As it became known, the new vulnerabilities affect versions of Exchange Server of 2013, 2016 and 2019. Last Tuesday, Microsoft informed about it and released the necessary updates for it. The National Cyber Security Center (NCSC) sent the necessary information to critical infrastructure operators on Tuesday.
Apparently, there are no known malware programs that already exploit the gaps, so it is still important to apply the patches immediately.
- CVE-2021-28480: Exchange Server RCE Vulnerability
- CVE-2021-28481: Exchange Server RCE Vulnerability
- CVE-2021-28482: Exchange Server RCE Vulnerability
- CVE-2021-28483: Exchange Server RCE Vulnerability
The NCSC advises to make sure to apply the latest patches.
(Visited 55 times, 1 visits today)
