Hello, colleagues.
Please tell me, do these vulnerabilities affect all CU Exchange 2016? And are these vulnerabilities present in Exchange 2010?
Or did these vulnerabilities appear only in CU19 and CU20?
Hello, colleagues.
Please tell me, do these vulnerabilities affect all CU Exchange 2016? And are these vulnerabilities present in Exchange 2010?
Or did these vulnerabilities appear only in CU19 and CU20?
They appear in all versions of 2016. You need to upgrade to the latest CUs to fix the issues ASAP. Your server is probably under attack or will be soon.
One of the vulnerabilities exists for older versions as well:
https://techcommunity.microsoft.com/t5/exchange-team-blog/how-to-update-ad-schema-to-address-cve-2021-34470-if-exchange-is/ba-p/2617083
But you can only fix for all of them by being on a supported version of Exchange 2016 or 2019
Hello @04098287 ,
Good day!
For your questions, both CVE-2021-34473, CVE-2021-34523 were fixed in the SU of April 13, 2021 (KB5001779).
And CVE-2021-31207 was fixed in May 11, 2021 (KB5003435).
So, for the Exchange 2016, if you have upgraded to CU21(CU10 for Exchange 2019), you don't have to worry about that because it's a full installation patch of the previous CUs and SUs. The servers with below CU20 and CU9 could be attacked by the vulnerabilities. So it is suggested to install the newest CU and also the July SU:
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-july-2021-exchange-server-security-updates/ba-p/2523421
As for Exchange 2010, the official document does not have anything about it except the article Andy has posted.
Best regards,
Lou
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi @04098287 ,
Do the suggestions above help? If the issue has been resolved, please click “Accept as answer” to mark the helpful reply as an answer, this will make answer searching in the forum easier and be beneficial to other community members as well.
If you are still stuck in this issue, please feel free to post your questions.
Regards,
Lou
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
9 people are following this question.