Patch Tuesday is here again and there are more Exchange updates to apply! A total of 114 vulnerabilities were fixed this month with more than half of them affecting all versions of Windows, with about half of them being remote code execution bugs, and about a fifth of them being rated as critical by Microsoft. Let's dive in!
New Exchange Server Patches Available
If you were only going to patch one thing today, please let it be this. Exchange Server has been a hot topic since the vulnerabilities announced in the out-of-band advisory back at the beginning of March saw widespread exploitation. The vulnerabilities this month were reported to Microsoft via the NSA in the interest of national security. The Exchange team has also released a very helpful blog post with instructions on how to patch from any version to the latest secure version. While these have not been exploited in the wild at the time of writing it is only a matter of time before someone reverse engineers the patches and gets up to no good.
CVEs: CVE-2021-28310, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483
Windows RPC Runtime
Next up we have a relatively high number of patches in the Windows Remote Procedure Call Runtime. There were 27 remote code execution vulnerabilities fixed this month. Someone was busy finding bugs! The RPC Runtime is available on ..
Support the originator by clicking the read the rest link below.
