Update to Alert 138 - Multiple Vulnerabilities in Microsoft Exchange Server

  • CERT Admin
  • Tue Mar 09 2021
  • Alerts

Systems Affected 

  ✻  Microsoft exchange server 2019 cumulative update 7
  ✻  Microsoft exchange server 2019 cumulative update 8
  ✻  Microsoft exchange server 2016 cumulative update 18
  ✻  Microsoft exchange server 2016 cumulative update 19
  ✻  Microsoft exchange server 2013 cumulative update 23 

Threat Level 



The alert update is released by 'Cybersecurity and Infrastructure Security Agency, US'


Everyone using Microsoft Exchange on-premise products must
  ✻  Check for signs of compromise
  ✻  Immediately patch Microsoft Exchange with the vendor released patch
  ✻  If unable to patch, remove the products from the network immediately
  ✻  Upgrade to the latest supported version of Microsoft Exchange 

Solution/ Workarounds 

Actions for IT Admins/Staff
Please follow the recommended steps
     ✻  Patch ALL instances of Microsoft Exchange that you are hosting.
     ✻  If you can't patch then follow the recommendations Microsoft issued
by Microsoft Exchange Server Vulnerabilities Mitigations,March 2021,Microsoft Security Response Center.  
     ✻  Check for indicators of compromise by running the following script in the given link
   ✻  If you haven't been compromised we strongly recommend enhanced monitoring of network connections to your Exchange environment  


✻  https://us-cert.cisa.gov/ncas/alerts/aa21-062a
✻  https://us-cert.cisa.gov/ncas/current-activity/2021/03/05/microsoft-releases-alternative-mitigations-exchange-server 


The information provided herein is on "as is" basis, without warranty of any kind. 

Last updated: Mon Apr 19 2021