Microsoft warned admins today to immediately patch a high severity Exchange Server vulnerability that may allow authenticated attackers to execute code remotely on vulnerable servers.
The security flaw tracked as
CVE-2021-42321 impacts Exchange Server 2016 and Exchange Server 2019, and it is caused by improper validation of cmdlet arguments according to Redmond's security advisory.
CVE-2021-42321 only affects on-premises Microsoft Exchange servers, including those used by customers in Exchange Hybrid mode (Exchange Online customers are protected against exploitation attempts and don't need to take any further action).
"We are aware of limited targeted attacks in the wild using one of the vulnerabilities (
CVE-2021-42321), which is a
post-authentication vulnerability in Exchange 2016 and 2019," Microsoft explained.
"Our recommendation is to install these updates
immediately to protect your environment."
For a quick inventory of all Exchange servers in your environment behind on updates (CUs and SUs), you can use the latest version of the
Exchange Server Health Checker script.