Urgent Exchange 2019/2016/2013 Security Patch November 2021 KB5007409

The estimated reading time 1 minutes

Another very important security patch is enrolled the last 24 hours for Exchange 2013/2016/2019. See CVE-2021-42321. This CVE is also known als Remote Code Execution vulnerability.

If you want to know some more information about this Exchange Update and the vulnerabilities see this link:

Just choose your exchange version and download this patch from one of this links:

  • Exchange Server 2013 CU23
  • Exchange Server 2016 CU21 and CU22
  • Exchange Server 2019 CU10 and CU11

As seen in some patches before Exchange Online Organisations are not affected and have been patched already.

NOTE: If installing security patch manually you need to do it with an elevated prompt!!!

If you want to know whether you may already be attacked, have a look at your eventlog or use the following powershell script:

Get-WinEvent -FilterHashtable @{ LogName='Application'; ProviderName='MSExchange Common'; Level=2 } | Where-Object { $_.Message -like "*BinaryFormatter.Deserialize*" }

BTW: there is no need to install SU October you can directly install November SU KB

See also Exchange Build Numbers to get an overview to the latest exchange CUs and patches:


Another helpful tool is to use the Exchange healtchecker https://aka.ms/ExchangeHealthChecker

Print Friendly, PDF & Email
Was this article helpful?
5 2 votes
Article Rating
Notify of
Oldest Most Voted
Inline Feedbacks
View all comments
1 year ago

[…] Urgent Exchange 2019/2016/2013 Security Patch November … […]

2 years ago

[…] UPDATE 11/11/2021 link to november patch 2021 […]

2 years ago

after installed KB KB5007409Nov 21 patch ecp not working on exchange 2013 CU 23,

please help