Microsoft Exchange Server 2016 and 2019 Remote Code Execution Vulnerability

On April 13th 2021 Microsoft released a software update to mitigate significant vulnerabilities that affect on-premises Exchange Servers 2013, 2016, and 2019. An attacker could use these vulnerabilities to gain access and maintain persistence on the target host. These vulnerabilities are different from the ones disclosed and fixed in March 2021 – the security updates released in March 2021 will not remediate against these vulnerabilities.

Given the powerful privileges that Exchange manages by default and the amount of potentially sensitive information that is stored in Exchange servers , Exchange servers are a primary target for adversary activity.

The issued security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see below :-

You can find out more information and download the updates manually here.

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: