Microsoft Pushes Patches for Older Versions of Exchange Server

  /     /     /  
Publicated : 23/11/2024   Category : security


Microsoft Pushes Patches for Older Versions of Exchange Server


Additional patches arrive as CISA issues an alert urging all organizations to immediately patch the Microsoft Exchange vulnerabilities.



Microsoft has deployed another series of Exchange Server security updates, which can be applied to some older and unsupported cumulative updates, to protect older versions of Exchange Server as attackers continue to scan for and exploit critical flaws patched last week. 
The company has already issued emergency fixes for CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 in Microsoft Exchange Server versions 2013, 2016, and 2019. Now, its patching the same vulnerabilities in versions of Exchange Server it no longer supports.
In a blog post, Microsoft says these update packages only contain fixes for these four CVEs and do not include other product updates or security fixes. These updates are meant as a temporary measure to protect vulnerable machines; admins must still keep their environments current. Admins need to update to the latest supported cumulative update, then apply the necessary security update. Those who are midupdate to a later cumulative update should proceed with that update.
These updates are available only via Microsoft Download Center, not on Microsoft Update.
The same day Microsoft released these patches, the Department of Homeland Securitys Cybersecurity & Infrastructure Security Agency (CISA) issued an
alert
urging all organizations to immediately address the Exchange Server flaws. Officials note the exploitation is widespread and indiscriminate and advise IT teams to follow the guidance on its Remediating Microsoft Exchange Vulnerabilities
webpage
.
Read more of Microsofts guidance
here
and
here
.

Last News

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Microsoft Pushes Patches for Older Versions of Exchange Server