Apply Microsoft April 2021 Security Update to Mitigate Newly Disclosed Microsoft Exchange Vulnerabilities

Author:
April 20, 2021

Recently, Microsoft has released software updates to mitigate significant vulnerabilities for on-premise Exchange 2013, 2016, and 2019 servers. A threat actor could use these vulnerabilities to gain access and maintain persistence on the target server. It should be noted that these Microsoft Exchange vulnerabilities are different from ones discovered and patched in March of 2021 and the March releases will not remediate these vulnerabilities. Due to the level of permission that Exchange manages inherently, and the content on these servers (potentially sensitive information), Exchange servers are the primary target for adverse activity.

We strongly recommend patching Exchange with the latest updates from April 13, 2021. Here is the description of the security update for Microsoft Exchange Server 2019, 2016, and 2013 (KB5001779) as well as the list of updates. The list is below as well for your convenience.

KB Article:Applies To:4504715SharePoint Server 2019 Language Pack4504716SharePoint Server 20195001330Windows 10, Version 2004, Windows Server, Version 2004, Windows 10, Version 20H2, Windows Server, Version 20H25001332Windows Server 2008 (security-only update)5001335Windows 7, Windows Server 2008 R2 (Monthly Rollup)5001337Windows 10, Version 1909, Windows Server, Version 19095001342Windows 10, Version 1809, Windows Server 20195001347Windows 10, Version 1607, Windows Server 20165001382Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Monthly Rollup)5001383Windows Server 2012 (Security-only update)5001387Windows Server 2012 (Monthly Rollup)5001389Windows Server 2008 (Monthly Rollup)5001392Windows 7, Windows Server 2008 R2 (Security-only update)5001393Windows 8.1, Windows RT 8.1, Windows Server 2012 R2 (Security-only update)5001779Microsoft Exchange Server 2019, 2016, 2013

Please ensure that you have implemented all of the above security updates that apply to your environment. If you have questions or need assistance deploying the updates, please contact the EDCi Technical Support Services Center at (800) 332-3553 or Support@edci.com. We are here to help!

Meet the Author
Connect on LinkedIn

Hope you found our EDCi insights interesting and informative.

If you did, why not subscribe for more related content? Don't miss out on the latest updates and exclusive insights!
Thanks for joining EDCi's insights.
Oops! Something went wrong while submitting the form.