Microsoft urges Exchange admins to patch their on-prem servers now

Given the bug’s severity, Microsoft say patch now

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsofthas issued an urgent security update to patch a high severity vulnerability that affects multiple editions of their popularhosted email serverMicrosoft Exchange, and could be exploited to remotely execute code on vulnerable servers.

According to Microsoft, the security flaw, tracked as CVE-2021-42321, is caused by improper validation ofcmdletarguments.

“We are aware of limited targeted attacks in the wild using one of [the] vulnerabilities (CVE-2021-42321), which is a post-authentication vulnerability in Exchange 2016 and 2019. Our recommendation is to install these updates immediately to protect your environment,”sharesMicrosoft.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

It goes on to add that the bug only impacts on-premise Microsoft Exchange servers, including those used by customers in Exchange Hybrid mode. Users of the Exchange Online service are already protected against exploitation attempts, and can safely ignore the advisory.

Patch immediately

Reporting on the development,BleepingComputernotesthat Microsoft Exchange has been at the receiving end of two major campaigns, which have targeted different, but related vulnerabilities known as ProxyLogon and ProxyShell.

ProxyLogonwas first exploited by state-sponsored threat actors back in March to deploycryptominers,ransomware, and othermalware. Then in August, attackers once again were quick to capitalize after security researchers managed to demonstrate a working exploit that consisted of three chained vulnerabilities in Exchange collectively referred to asProxyShell.

Both issues have since been addressed, but the new vulnerability has once again given threat actors an opportunity to remotely attack unpatched servers, which would explain the urgency in Microsoft’s appeal to get admins to update their vulnerable installations without delay.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Shield your network against malicious traffic with the help of thesebest firewall apps and services

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

7 myths about email security everyone should stop believing

Best Usenet client of 2024

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well