Microsoft Exchange Server Remote Code Execution Vulnerability Alert
Vulnerability Detail
CVE-2021-28480/CVE-2021-28482/CVE-2021-28483/CVE-2021-28484: Microsoft Exchange Server Remote Code Execution Vulnerability
Attackers can use this vulnerability to bypass Exchange authentication and achieve the effect of command execution without user interaction. At the same time, these vulnerabilities are worm-level, so they can spread horizontally among Exchange servers on the intranet. Users must update them as soon as possible.
Affected version
- Microsoft Exchange: 2013/2016/2019
Solution
In this regard, Microsoft has officially released a patch update for this vulnerability. User can download the patch through the following link according to its Exchange version: