{"id":19317,"date":"2021-03-17T01:55:16","date_gmt":"2021-03-17T00:55:16","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=19317"},"modified":"2021-03-17T10:02:21","modified_gmt":"2021-03-17T09:02:21","slug":"exchange-server-2013-sicherheitsupdate-fr-service-pack-1","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2021\/03\/17\/exchange-server-2013-sicherheitsupdate-fr-service-pack-1\/","title":{"rendered":"Security update for Exchange Server 2013 SP1; CUs for Exchange 2019 and 2016 (03\/16\/2021)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" height=\"47\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2021\/03\/17\/exchange-server-2013-sicherheitsupdate-fr-service-pack-1\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Microsoft released a security advisory to revise its outdated updates for older CUs for on-premises Microsoft Exchange Servers (which have already fallen out of support). Specifically, Microsoft has released a security update for the out-of-support Microsoft Exchange Server 2013 Service Pack 1. <strong>Addendum:<\/strong> In addition, CU 9 for Exchange Server 2019 and CU 20 for Exchange Server 2016 have been released.<\/p>\n<h2><!--more-->Update for Exchange Server 2013 SP 1<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg08.met.vgwort.de\/na\/ada72dec78be4aeba3413fe9de95b8c0\" alt=\"\" width=\"1\" height=\"1\" \/>A new security update has been released for Exchange Server 2013 Service Pack 1 according to the following security advisory.<br \/>\n***************************************************************<br \/>\n<img \/> Issued: March 16, 2021<br \/>\n***************************************************************<\/p>\n<p>Summary<br \/>\n=======<\/p>\n<p>The following CVEs have undergone a major revision increment:<\/p>\n<p>Critical CVEs<br \/>\n============================<\/p>\n<p>*\u00a0 <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26855\" target=\"_blank\" rel=\"noopener\">CVE-2021-26855<\/a><br \/>\n*\u00a0 <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-27065\" target=\"_blank\" rel=\"noopener\">CVE-2021-27065<\/a><br \/>\n* <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26857\" target=\"_blank\" rel=\"noopener\">CVE-2021-26857<\/a><\/p>\n<p>Important CVEs<br \/>\n============================<\/p>\n<p>* <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26858\" target=\"_blank\" rel=\"noopener\">CVE-2021-26858<\/a><\/p>\n<p>Publication information<br \/>\n===========================<\/p>\n<p>&#8211; Microsoft Exchange Server Remote Code Execution Vulnerability<br \/>\n&#8211; See preceding list for links<br \/>\n&#8211; Version 5.0<br \/>\n&#8211; Reason for Revision: Microsoft is releasing a security update for CVE-2021-27065,<br \/>\nCVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for Microsoft Exchange Server<br \/>\n2013 Service Pack 1. This update addresses only those CVEs. Customers who want to be<br \/>\nprotected from these vulnerabilities can apply this update if they are not on a<br \/>\nsupported cumulative update. Microsoft strongly recommends that customers update to<br \/>\nthe latest supported cumulative updates.<br \/>\n&#8211; Originally posted: March 2, 2021<br \/>\n&#8211; Updated: March 16, 2021<\/p>\n<h2>New CUs for Exchange Server 2016\/2019<\/h2>\n<p><strong>Addendum<\/strong>: As of March 16, 2021, Microsoft has also released the following quarterly cumulative updates for Exchange Server 2016\/2019.<\/p>\n<ul>\n<li><a href=\"https:\/\/support.microsoft.com\/help\/4602569\" target=\"_blank\" rel=\"noopener noreferrer external\" data-wpel-link=\"external\">KB4602569<\/a>: for Exchange Server 2016 CU 20<\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/help\/4602570\" target=\"_blank\" rel=\"noopener noreferrer external\" data-wpel-link=\"external\">KB4602570<\/a>: for Exchange Server 2019 CU 9<\/li>\n<\/ul>\n<p>Microsoft has published the Techcommunity article <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/released-march-2021-quarterly-exchange-updates\/ba-p\/2205283\" target=\"_blank\" rel=\"noopener external noreferrer\" data-wpel-link=\"external\">Released: March 2021 Quarterly Exchange Updates<\/a>. There Microsoft recommend that administrators test these cumulative updates before rolling them out. Thanks to the user for the comment in my German blog and Toni for the mail.<\/p>\n<p><strong>Similar articles<\/strong><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/03\/exchange-server-0-day-exploits-werden-aktiv-ausgenutzt-patchen\/\">Exchange server 0-day exploits are actively exploited<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/06\/wichtige-hinweise-microsofts-und-des-bsi-zum-exchange-server-sicherheitsupdate-mrz-2021\/\">Important notes from Microsoft regarding the Exchange server security update (March 2021)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/06\/exchange-probleme-mit-ecp-nach-sicherheitsupdate-mrz-2021\/\">Exchange isues with ECP\/OWA search after installing security update (March 2021)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/07\/neues-zum-exchange-hack-testtools-von-microsoft-co\/\">Exchange Hack News \u2013 Test tools from Microsoft and others<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/08\/microsoft-msert-hilft-bei-exchange-server-scans\/\">Microsoft MSERT helps to scan Exchange Servers<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/08\/cyber-angriff-auf-exchange-server-der-europische-bankenaufsichtsbehrde\/\">Cyber attack on Exchange server of the European Banking Authority<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/09\/exchange-hack-neue-patches-und-neue-erkenntnisse\/\">Exchange hack: new patches and new findings<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2020\/09\/16\/exchange-server-remote-code-execution-schwachstelle-cve-2020-16875\/\">Exchange Server: Remote Code Execution Vulnerability CVE-2020-16875<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/11\/exchange-hack-neue-opfer-neue-patches-neue-angriffe\/\">Exchange hack: new victims, new patches, new attacks<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/13\/neues-zur-proxylogon-hafnium-exchange-problematik-12-3-2021\/\">Update on ProxyLogon hafnium exchange issue (March 12, 2021)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/14\/gab-es-beim-exchange-massenhack-ein-leck-bei-microsoft\/\">Was there a leak at Microsoft in the Exchange mass hack?<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/15\/proxylogon-hack-repository-fr-betroffene-exchange-administratoren\/\">ProxyLogon hack: Administrator's Repository for affected Exchange systems<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2021\/03\/16\/microsoft-exchange-on-premises-one-click-mitigation-tool-eomt-freigegeben\/\">Microsoft Exchange (On-Premises) one-click Mitigation Tool (EOMT) released<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Microsoft released a security advisory to revise its outdated updates for older CUs for on-premises Microsoft Exchange Servers (which have already fallen out of support). Specifically, Microsoft has released a security update for the out-of-support Microsoft Exchange Server 2013 Service &hellip; <a href=\"https:\/\/borncity.com\/win\/2021\/03\/17\/exchange-server-2013-sicherheitsupdate-fr-service-pack-1\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547,22],"tags":[869,69,195],"class_list":["post-19317","post","type-post","status-publish","format-standard","hentry","category-security","category-software","category-update","tag-exchange","tag-security","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/19317","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=19317"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/19317\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=19317"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=19317"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=19317"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}