NSA Alerted Microsoft to New Exchange Server Vulnerabilities

Microsoft today patched 114 CVEs to address the Exchange Server flaws, more than 50 remote code execution vulnerabilities, and one zero-day.

Microsoft today issued fixes for 114 vulnerabilities as part of its monthly security update release, which this month addressed 19 critical flaws, four critical Microsoft Exchange Server bugs found by the National Security Agency (NSA), and one zero-day bug in Desktop Window Manager.
The patches released today address flaws in Microsoft Windows, the Edge browser, Microsoft Office, Azure and Azure DevOps Server, Exchange Server, SharePoint Server, Hyper-V, Visual Studio, and Team Foundation Server. None of the bugs were disclosed at the
recent Pwn2Own
.
CVE-2021-28310
, a Win32k elevation of privilege vulnerability, is the only CVE under active attack patched this month. Kaspersky researchers
who found it
believe its potentially being used in the wild by several attackers. They note its likely used with other browser exploits to escape sandboxes or achieve system privileges; however, they did not capture a full chain so are unable to confirm the full attack sequence.
Attack complexity for this vulnerability is low, according to Microsoft, and it requires low-level privileges. An attacker would have to access the target system locally or remotely, or rely on a user to run the malicious code for them.
Todays patches also addressed four critical remote code execution vulnerabilities in Microsoft Exchange Server:
CVE-2021-28480
,
CVE-2021-28481
,
CVE-2021-28482
, and
CVE-2021-28483
. All of these were discovered by the NSA and affect Exchange Server versions 2013 through 2019.
CVE-2021-28480 and CVE-2021-28481 have a CVSS score of 9.8 and require no authorization or user interaction to exploit. Dustin Childs of Trend Micros Zero-Day Initiative
notes this
CVSS score is higher than the scores for the Exchange Server vulnerabilities disclosed last month, and given that Microsoft lists the attack vector as Network, its likely they are wormable - at least between Exchange Servers. Considering they came from the NSA, patching should be a priority.
We have not seen the vulnerabilities used in attacks against our customers,
Microsoft says
of the on-premise Exchange Server flaws patched today. However, given recent adversary focus on Exchange, we recommend customers install the updates as soon as possible to ensure they remain protected from these and other threats. Exchange Online users are already protected.
Microsoft has also identified a whopping 27 remote code execution flaws in Remote Procedure Call, a protocol that lets a program request service from a program on another machine in the same network. Of these, 12 are rated as Critical and 15 are categorized at Important in severity.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
NSA Alerted Microsoft to New Exchange Server Vulnerabilities