What is it?

On-premises Microsoft Exchange Server 2013, 2016 and 2019, across multiple cumulative update levels, contain a memory-handling vulnerability that allows a remote attacker to execute operating system commands on the server. Exchange Online is not affected.

A flaw in the server's request handling lets an unauthenticated remote sender bypass authentication and then execute commands.

At the time of writing (March 2021), Microsoft had not published technical details of the vulnerability.

Why is it a risk?

An attacker who successfully exploits this vulnerability can execute arbitrary code in the context of the SYSTEM account, i.e. with full control of the Exchange server and, typically, of the mailboxes and credentials it holds.

This is rated a CRITICAL vulnerability.

How can you mitigate the risk?

Install the current Exchange security update on every on-premises Exchange Server; this is the only complete fix.

If you cannot install the security update immediately, use the "One-Click Microsoft Exchange On-Premises Mitigation Tool" linked below. As of March 2021 this is Microsoft's recommended interim mitigation for unpatched on-premises servers. Note that it mitigates the attack path but does not patch the vulnerability, so the security update must still be installed afterwards.

The Microsoft Safety Scanner linked below is a standalone malware scanner. Run it on the Exchange server to detect known malicious files (such as web shells) left behind by an attacker who exploited the vulnerability before it was mitigated; it does not test the server for other configuration weaknesses.
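The three steps above, as an added PowerShell example (not from the original page and not Microsoft's own tooling): it reads the installed Exchange build from ExSetup.exe, compares it with an administrator-supplied minimum patched build, and, only if the server is below that build, runs the One-Click Mitigation Tool and the Safety Scanner as an interim measure. The values of $MinimumPatchedBuild, $EomtPath and $MsertPath are placeholders to be filled in from the Microsoft resources linked below; the MSERT switches /Q (quiet) and /F (full scan) are as documented on the Safety Scanner download page and should be verified against the version you download.

```powershell
# Added example, not from the original page or from Microsoft.
# Pre-flight check for an on-premises Exchange server:
#   1. read the installed Exchange build from ExSetup.exe,
#   2. compare it with a minimum patched build supplied by the administrator,
#   3. if the server is below that build, run the One-Click Mitigation Tool
#      (EOMT.ps1) and the Microsoft Safety Scanner (MSERT.exe) as an interim
#      measure until the security update is installed.
param(
    # Placeholder: take the patched build for your Exchange version from
    # Microsoft's security update documentation.
    # Build lines: 15.0.x = Exchange 2013, 15.1.x = 2016, 15.2.x = 2019.
    [version]$MinimumPatchedBuild = '15.1.0.0',
    [string]$EomtPath  = 'C:\Tools\EOMT.ps1',   # assumed download location
    [string]$MsertPath = 'C:\Tools\MSERT.exe',  # assumed download location
    [switch]$WhatIf
)

function Get-ExchangeBuild {
    # ExchangeInstallPath is set by Exchange setup; ExSetup.exe carries the
    # build number of the installed cumulative/security update.
    $exsetup = Join-Path $env:ExchangeInstallPath 'bin\ExSetup.exe'
    if (-not (Test-Path $exsetup)) {
        throw "ExSetup.exe not found at '$exsetup'; is this an Exchange server?"
    }
    return [version][System.Diagnostics.FileVersionInfo]::GetVersionInfo($exsetup).FileVersion
}

function Test-ExchangePatched {
    param([version]$Installed, [version]$Minimum)
    # Builds are only comparable within one product line (same major.minor);
    # refuse to compare an Exchange 2016 build against a 2019 threshold.
    if ($Installed.Major -ne $Minimum.Major -or $Installed.Minor -ne $Minimum.Minor) {
        throw "Minimum build $Minimum belongs to a different Exchange version than installed build $Installed"
    }
    return ($Installed -ge $Minimum)
}

$build = Get-ExchangeBuild
Write-Host "Installed Exchange build: $build"

if (Test-ExchangePatched -Installed $build -Minimum $MinimumPatchedBuild) {
    Write-Host "Server is at or above build $MinimumPatchedBuild; no interim mitigation needed."
    return
}

Write-Warning "Server is below build $MinimumPatchedBuild. Applying interim mitigations; install the security update as soon as possible."

# One-Click Mitigation Tool, assumed downloaded to $EomtPath from the MSRC post
# linked below; see that post for its behaviour and switches.
if (Test-Path $EomtPath) {
    if ($WhatIf) { Write-Host "Would run: $EomtPath" } else { & $EomtPath }
} else {
    Write-Warning "EOMT.ps1 not found at '$EomtPath'; download it via the MSRC blog post."
}

# Independent full scan with Microsoft Safety Scanner (/Q quiet, /F full scan).
# Findings are written to %SYSTEMROOT%\debug\msert.log.
if (Test-Path $MsertPath) {
    if ($WhatIf) {
        Write-Host "Would run: $MsertPath /Q /F"
    } else {
        & $MsertPath /Q /F
        Write-Host "MSERT finished with exit code $LASTEXITCODE; review %SYSTEMROOT%\debug\msert.log"
    }
} else {
    Write-Warning "MSERT.exe not found at '$MsertPath'; download it via the Safety Scanner link below."
}
```

Run it from an elevated PowerShell session on the Exchange server itself, first with -WhatIf to confirm the detected build and the actions it would take. The version comparison is deliberately strict about the product line so that a threshold for one Exchange version is never silently accepted on another.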

Resources:

Microsoft One-Click Microsoft Exchange On-Premises Mitigation Tool
https://msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-2021/

Microsoft Safety Scanner Download
https://docs.microsoft.com/en-us/microsoft-365/security/intelligence/safety-scanner-download?view=o365-worldwide
