Microsoft warns admins to immediately patch a high severity Exchange Server vulnerability that may allow authenticated attackers to execute code remotely on vulnerable servers.

The security flaw tracked as CVE-2021-42321 only affects on-premises Microsoft Exchange servers (2016 and 2019), including those used by customers in Exchange Hybrid mode. Exchange Online customers are protected against exploitation attempts and don't need to take any further action.

Microsoft's recommendation is to install the updates immediately.

Link to Microsoft Security Release

Link to Microsoft Update Guide

Please help us improve our website by providing your feedback