Security News > 2021 > November > Microsoft urges Exchange admins to patch bug exploited in the wild
Microsoft warned admins today to immediately patch a high severity Exchange Server vulnerability that may allow authenticated attackers to execute code remotely on vulnerable servers.
The security flaw tracked as CVE-2021-42321 impacts Exchange Server 2016 and Exchange Server 2019, and it is caused by improper validation of cmdlet arguments according to Redmond's security advisory.
CVE-2021-42321 only affects on-premises Microsoft Exchange servers, including those used by customers in Exchange Hybrid mode.
"We are aware of limited targeted attacks in the wild using one of the vulnerabilities, which is a post-authentication vulnerability in Exchange 2016 and 2019," Microsoft explained.
In September, Microsoft has added a new Exchange Server feature named Microsoft Exchange Emergency Mitigation that provides automated protection for vulnerable Exchange servers.
While Redmond said that it would use this new feature to mitigate actively exploited flaws like CVE-2021-42321, today's advisory and the blog post regarding this month's Exchange Server security updates don't include any mentions of Exchange EM being put to use.
News URL
Related news
- Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint (source)
- Microsoft re-releases Exchange updates after fixing mail delivery (source)
- Microsoft says premature patch could make Windows Recall forget how to work (source)
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
- Microsoft holds last Patch Tuesday of the year with 72 gifts for admins (source)
- Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- What Is Patch Tuesday? Microsoft’s Monthly Update Explained (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-10 | CVE-2021-42321 | Unspecified vulnerability in Microsoft Exchange Server 2016/2019 Microsoft Exchange Server Remote Code Execution Vulnerability | 0.0 |