Microsoft released patches for four new vulnerabilities for MS Exchange (2013/16/19) in the night from 13 to 14 April. The vulnerabilities are again classified as “critical”. They allow attackers to gain access to the Exchange server via an authentication bypass vulnerability.
Currently, no exploits have been spotted, but this is expected to follow soon. We therefore urgently recommend that you implement the available updates immediately.
All updates and further important information by Microsoft can be found here: https://techcommunity.microsoft.com/t5/exchange-team-blog/released-april-2021-exchange-server-security-updates/ba-p/2254617
We are looking forward to hearing from you!
IKARUS Security Software GmbH
+43 (0) 1 58995-500