The estimated reading time 1 minutes

Another very important security patch is enrolled the last 24 hours for Exchange 2013/2016/2019. See CVE-2021-42321. This CVE is also known als Remote Code Execution vulnerability.

If you want to know some more information about this Exchange Update and the vulnerabilities see this link:
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-november-2021-exchange-server-security-updates/ba-p/2933169

Just choose your exchange version and download this patch from one of this links:

  • Exchange Server 2013 CU23
  • Exchange Server 2016 CU21 and CU22
  • Exchange Server 2019 CU10 and CU11

As seen in some patches before Exchange Online Organisations are not affected and have been patched already.

NOTE: If installing security patch manually you need to do it with an elevated prompt!!!

If you want to know whether you may already be attacked, have a look at your eventlog or use the following powershell script:

Get-WinEvent -FilterHashtable @{ LogName='Application'; ProviderName='MSExchange Common'; Level=2 } | Where-Object { $_.Message -like "*BinaryFormatter.Deserialize*" }

BTW: there is no need to install SU October you can directly install November SU KB

See also Exchange Build Numbers to get an overview to the latest exchange CUs and patches:

https://docs.microsoft.com/en-us/exchange/new-features/build-numbers-and-release-dates?view=exchserver-2019

Another helpful tool is to use the Exchange healtchecker https://aka.ms/ExchangeHealthChecker

Print Friendly, PDF & Email
  • Was this Helpful ?
  • yes   no