Security News > 2021 > November > Microsoft urges Exchange admins to patch bug exploited in the wild

Microsoft warned admins today to immediately patch a high severity Exchange Server vulnerability that may allow authenticated attackers to execute code remotely on vulnerable servers.

The security flaw tracked as CVE-2021-42321 impacts Exchange Server 2016 and Exchange Server 2019, and it is caused by improper validation of cmdlet arguments according to Redmond's security advisory.

CVE-2021-42321 only affects on-premises Microsoft Exchange servers, including those used by customers in Exchange Hybrid mode.

"We are aware of limited targeted attacks in the wild using one of the vulnerabilities, which is a post-authentication vulnerability in Exchange 2016 and 2019," Microsoft explained.

In September, Microsoft has added a new Exchange Server feature named Microsoft Exchange Emergency Mitigation that provides automated protection for vulnerable Exchange servers.

While Redmond said that it would use this new feature to mitigate actively exploited flaws like CVE-2021-42321, today's advisory and the blog post regarding this month's Exchange Server security updates don't include any mentions of Exchange EM being put to use.

News URL

https://www.bleepingcomputer.com/news/microsoft/microsoft-urges-exchange-admins-to-patch-bug-exploited-in-the-wild/