Security News > 2021 > November > Microsoft urges Exchange admins to patch bug exploited in the wild

Microsoft warned admins today to immediately patch a high severity Exchange Server vulnerability that may allow authenticated attackers to execute code remotely on vulnerable servers.
The security flaw tracked as CVE-2021-42321 impacts Exchange Server 2016 and Exchange Server 2019, and it is caused by improper validation of cmdlet arguments according to Redmond's security advisory.
CVE-2021-42321 only affects on-premises Microsoft Exchange servers, including those used by customers in Exchange Hybrid mode.
"We are aware of limited targeted attacks in the wild using one of the vulnerabilities, which is a post-authentication vulnerability in Exchange 2016 and 2019," Microsoft explained.
In September, Microsoft has added a new Exchange Server feature named Microsoft Exchange Emergency Mitigation that provides automated protection for vulnerable Exchange servers.
While Redmond said that it would use this new feature to mitigate actively exploited flaws like CVE-2021-42321, today's advisory and the blog post regarding this month's Exchange Server security updates don't include any mentions of Exchange EM being put to use.
News URL
Related news
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft investigates global Exchange Admin Center outage (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Microsoft: Exchange 2016 and 2019 reach end of support in six months (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Microsoft fixes Exchange Online bug flagging Gmail emails as spam (source)
- US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-10 | CVE-2021-42321 | Unspecified vulnerability in Microsoft Exchange Server 2016/2019 Microsoft Exchange Server Remote Code Execution Vulnerability | 0.0 |