On Tuesday, 2nd March 2021, Microsoft released out-of-band security patches for Exchange Server to handle multiple zero-day vulnerabilities currently being exploited in active attacks.
Microsoft's patch release states that organizations running Exchange Server 2013, 2016, and 2019 versions do not need to worry as these vulnerabilities in on-premises Exchange Servers are not affected.
What is patching, and why is it important?
Patches are pieces of software code written to fix a bug in a software application that might lead to a vulnerability. These vulnerabilities are loopholes in applications that attackers can use to reach business-critical data and information. It is highly recommended to regularly update all the applications in a network to their latest versions, as updating applications helps prevent theft of personal data through security flaws.
What are CVE IDs?
A Common Vulnerabilities and Exposures ID (CVE ID) is the format in which each vulnerability is disclosed and categorized in the National Vulnerability Database (NVD). You can look up these CVE IDs in the NVD for a detailed explanation of each vulnerability.
The CVE ID helps Patch Manager Plus retrieve the appropriate patches necessary for deployment.
An announcement by the Microsoft Security Response Center (MSRC) listed the Knowledge Base articles for the four out-of-band security patches as follows:
- CVE-2021-26855 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
- CVE-2021-26857 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
- CVE-2021-26858 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
- CVE-2021-27065 | Microsoft Exchange Server Remote Code Execution Vulnerability (public)
To patch these vulnerabilities, install the latest Exchange Cumulative Updates and configure the relevant security updates on each Exchange Server.
Microsoft has recommended taking immediate action to apply the patches for on-premises Exchange deployments to minimize or avoid impacts from this situation. If you are managing Exchange for customers, alert them to the Microsoft patch release and guide them through the steps they need to take. The priority for these patch deployments should be the servers accessible through the internet (e.g., servers publishing Outlook on the web/OWA and ECP).
Do You Need Help?
Kidan aims to help organizations solve, mitigate, or patch these zero-day vulnerabilities. We have highly specialized cybersecurity consultants with accredited security certifications to assess cybersecurity risks, problems, and solutions for organizations and guide them in protecting and securing their physical capital and data.