Microsoft Exchange team releases Exchange Server Security Updates (SUs) when vulnerabilities are discovered. You don't…
Microsoft released several security updates (SUs) for Microsoft Exchange Server to address vulnerabilities. Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect the environment.
These vulnerabilities affect Microsoft Exchange Server. Exchange Online is not affected.
Microsoft has released a set of out of band security updates for vulnerabilities for the following versions of Exchange Server:
- Exchange Server 2013
- Exchange Server 2016
- Exchange Server 2019
Security updates are available for the following specific versions of Exchange:
Read more on how to Install Exchange Security Update.
If you are not at these Exchange Server CU versions, please update right now and apply the above patch.
Read more on how to Install Cumulative Update Exchange.
Vulnerabilities addressed in the April 2021 security updates were responsibly reported to Microsoft by a security partner. Although we are not aware of any active exploits in the wild, our recommendation is to install these updates immediately to protect your environment.
We recommend prioritizing installing updates on Exchange Servers that are externally facing. All affected Exchange Servers should ultimately be updated.
Further information and guidance