Table of Contents
Microsoft - Exchange Server - Security
Exchange Security Update Helper
See Microsoft Security Response Center (MSRC) - Security Update Guide and filter on Exchange Server for the latest security updates to Exchange Server.
Microsoft Exchange Team Blog - Why Exchange Server updates matter
Microsoft Support - Results for "Description of the security update for Microsoft Exchange Server"
Exchange Server Emergency Mitigation
Microsoft Exchange Team Blog - New security feature in September 2021 Cumulative Update for Exchange Server
Microsoft Exchange Team Blog - Addressing Your Feedback on the Exchange Emergency Mitigation Service
Microsoft Exchange Team Blog - Released: September 2021 Quarterly Exchange Updates and Microsoft Support - Cannot log in to OWA or ECP after July 2021 SU for Exchange Server 2019, 2016, and 2013 (KB 5005341)
CVE-2023-28310, CVE-2023-32031
- CVE-2023-28310 - Microsoft Exchange Server Remote Code Execution Vulnerability, CVSS 8.0.
- CVE-2023-32031 - Microsoft Exchange Server Remote Code Execution Vulnerability, CVSS 8.8
Microsoft Exchange Team Blog - Released: June 2023 Exchange Server Security Updates
CVE-2023-21710, CVE-2023-21707, CVE-2023-21706, and CVE-2023-21529
- CVE-2023-21529 - Microsoft Exchange Server Remote Code Execution Vulnerability, CVSS 8.8.
- CVE-2023-21706 - Microsoft Exchange Server Remote Code Execution Vulnerability, CVSS 8.8.
- CVE-2023-21707 - Microsoft Exchange Server Remote Code Execution Vulnerability, CVSS 8.8.
- CVE-2023-21710 - Microsoft Exchange Server Remote Code Execution Vulnerability, CVSS 7.2.
Microsoft Exchange Team Blog - Released: February 2023 Exchange Server Security Updates
Microsoft Support - Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: February 14, 2023 (KB5023038)
CVE-2022-23277, CVE-2022-24463
- CVE-2022-23277 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2022-24463 - Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Team Blog - Released: March 2022 Exchange Server Security Updates Microsoft Support - Description of the security update for Microsoft Exchange Server 2013: March 8, 2022 (KB5010324)
CVE-2022-21846, CVE-2022-21855, CVE-2022-21969
- CVE-2022-21846 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2022-21855 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2022-21969 - Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Team Blog - Released: January 2022 Exchange Server Security Updates
Microsoft Support -
Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: January 11, 2022 (KB5008631)
CVE-2021-41349, CVE-2021-42305, CVE-2021-42321
- CVE-2021-41349 - Microsoft Exchange Server Spoofing Vulnerability
- CVE-2021-42305 - Microsoft Exchange Server Spoofing Vulnerability
- CVE-2021-42321 - Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Team Blog - Released: November 2021 Exchange Server Security Updates
Microsoft Support - Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: November 9, 2021 (KB5007409)
CVE-2021-26427, CVE-2021-34453, CVE-2021-41348, CVE-2021-41350
Microsoft Exchange Team Blog - Released: October 2021 Exchange Server Security Updates
Microsoft Support -
Description of the security update for Microsoft Exchange Server 2019 and 2016: October 12, 2021 (KB5007012)
CVE-2021-3210[7,9],CVE-2021-3119[5,8]
Microsoft - Exchange Team Blog - Released: May 2021 Exchange Server Security Updates
Microsoft Support - Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: May 11, 2021 (KB5003435)
CVE-2021-2848[0-3] + CVE-2021-34473 + CVE-2021-34523, CVE-2021-33766
Multiple remote code execution vulnerabilities in Exchange Server 2013, 2016, 2019.
- CVE-2021-28480 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-28481 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-28482 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-28483 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-34473 - Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2021-34523 - Microsoft Exchange Server Elevation of Privilege Vulnerability
- CVE-2021-33766 - Microsoft Exchange Information Disclosure Vulnerability
Microsoft - Exchange Team Blog - Released: April 2021 Exchange Server Security Updates
Microsoft Security Response Center - April 2021 Update Tuesday packages now available
Microsoft Support - Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: April 13, 2021 (KB5001779)
NCSC - NCSC-2021-0314 - Kwetsbaarheden verholpen in Microsoft Exchange Server
tweakers.net - Microsoft waarschuwt opnieuw voor ernstige kwetsbaarheden in Exchange
CVE-2021-2685[5,7-8],CVE-2021-27065
Microsoft Security Blog - HAFNIUM targeting Exchange Servers with 0-day exploits
Microsoft Security Response Center - On-Premises Exchange Server Vulnerabilities Resource Center – updated March 25, 2021
Microsoft Security Response Center - Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities
tweakers.net - Microsoft dicht zerodays in Exchange 'die misbruikt zijn door Chinese hackers'