Here we go again š !!
Microsoft has released security updates for vulnerabilities found in:
- Exchange Server 2013
- Exchange Server 2016
- Exchange Server 2019
These updates are available for the following specific builds of Exchange Server:
IMPORTANT:Ā If manually installing security updates, youĀ mustĀ install .msp from elevated command prompt (see Known Issues in update KB article).
- Exchange Server 2013Ā CU23
- Exchange Server 2016Ā CU19Ā andĀ CU20
- Exchange Server 2019Ā CU8Ā andĀ CU9
Vulnerabilities addressed in the April 2021 security updates were responsibly reported to Microsoft by a security partner. Although they are not aware of any active exploits in the wild, their recommendation is to install these updates immediately to protect your environment.
These vulnerabilities affect Microsoft Exchange Server. Exchange Online customers are already protected and do not need to take any action.
Inventory your Exchange Servers
Use theĀ Exchange Server Health Checker script, which can be downloaded from GitHub (use the latest release), to inventory your servers. Running this script will tell you if any of your Exchange Servers are behind on updates (CUs and SUs).
IMPORTANT: Read more here:
Sources:
April 2021 Update Tuesday packages now available ā Microsoft Security Response Center
Released: April 2021 Exchange Server Security Updates – Microsoft Tech Community