Microsoft Exchange Security Update
Date of Notice: 11/10/2021
Action Level - Important
Description
MCNC would like to make you aware of an Exchange vulnerability recently disclosed by Microsoft. This vulnerability affects Exchange Server 2016 & 2019 and could allow an authenticated attacker to execute code remotely on a vulnerable server. Microsoft is aware of targeted attacks using this vulnerability and recommends installing updates immediately
Affected Software
- Microsoft Exchange Server 2016
- Microsoft Exchange Server 2019
Attack Vector
An attacker with authenticated remote access to a vulnerable server.
Attack Feasibility
There are reports that this issue is being actively exploited in targeted attacks.
Mitigations
There are no known mitigations or workarounds to address this vulnerability.
Remediation
Microsoft has released cumulative updates for Exchange Server 2016 and 2019 to remediate this vulnerability. A blog post by the MS Exchange team also provides a PowerShell query that can be run on an Exchange server to verify whether this exploit has been attempted on the server. Microsoft recommends patching and checking for exploit attempts as soon as possible.
Vendor Resources