Avatar of regsamp
regsamp asked on

CVE-2021-34473 Vulnerability found on Exchange 2016 Server

We had a firm run an independent scan on our Windows 2016/Exchange 2016 Server and the one weakness they found running a PIN test is listed below:

We are looking for any recommendations/advice to patch this vulnerability. Thank you.

Critical  
10 CVE  CVE-2021-34473 
IP(s)  

 
Description 
The Microsoft Exchange running on the remote host is affected by a remote code execution vulnerability. An unauthenticated remote attacker can exploit this to execute arbitrary code. 
Solution 
Microsoft has released the following security updates to address this issue:
 -KB5001799 
ExchangeWindows OSMicrosoft

Avatar of undefined
Last Comment
regsamp

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Seth Simmons

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
regsamp

"that KB article is an update for CU20
suggest going to CU21 (final CU) and the following security update released in July
Exchange has been a big hacker target in recent months so make sure you keep up with updates"

Do you know if we can bypass the CU 19 updates and the updates from May and right to the July CU updates?
Seth Simmons

this is the same July update for CU20
there is no July patch for CU19 since only the latest 2 CU updates are supported; you won't see any more updates for CU19

Security Update For Exchange Server 2016 CU20

https://www.microsoft.com/en-us/download/details.aspx?id=103310
ASKER
regsamp

So my question is if we are still on CU 19, do we have to do this update first:
https://www.microsoft.com/en-us/download/details.aspx?id=103001 or can we go to the updates you posted?
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
SOLUTION
Scott Silva

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER
regsamp

Scott, you are saying reboot the Exchange server and then install the following below in order, correct?

Cumulative Update 21 for Exchange Server 2016

https://www.microsoft.com/en-us/download/details.aspx?id=103242

Security Update For Exchange Server 2016 CU21

https://www.microsoft.com/en-us/download/details.aspx?id=103311
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
regsamp

"Correct. CU's are cummulative, so contain all prior CU's (but not necessarily all the fixes published independently).
So: Boot, CU, (Boot,) Security Fix for CU." Perfect. Thank you.