{"id":26948,"date":"2022-10-12T02:32:23","date_gmt":"2022-10-12T00:32:23","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=26948"},"modified":"2022-10-12T02:35:35","modified_gmt":"2022-10-12T00:35:35","slug":"exchange-server-sicherheitsupdates-11-oktober-2022","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/10\/12\/exchange-server-sicherheitsupdates-11-oktober-2022\/","title":{"rendered":"Exchange Server security updates (October 11, 2022)"},"content":{"rendered":"<p><img decoding=\"async\" title=\"Update\" style=\"margin: 0px 10px 0px 0px\" border=\"0\" alt=\"Update\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Update-01.jpg\" align=\"left\">[<a href=\"https:\/\/www.borncity.com\/blog\/2022\/10\/12\/exchange-server-sicherheitsupdates-11-oktober-2022\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Microsoft has released security updates for Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019, effective October 11, 2022. These updates are intended to address vulnerabilities reported by external security partners or found by Microsoft. However, the 0-day vulnerabilities (ProxyNotShell) that have been known since late September 2022 will not be fixed. 
<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg05.met.vgwort.de\/na\/8b1dcd379e1f4bf0874f55af3e4a483f\" width=\"1\" height=\"1\">Microsoft&nbsp; has published the Techcommunity post <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/released-october-2022-exchange-server-security-updates\/ba-p\/3646263\" target=\"_blank\" rel=\"noopener\">Released: October 2022 Exchange Server Security Updates<\/a> with a description of the security updates.<\/p>\n<p><a href=\"https:\/\/i.imgur.com\/MKeBwnu.png\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" title=\"Exchange security updates October 2022\" alt=\"Exchange security updates October 2022\" src=\"https:\/\/i.imgur.com\/MKeBwnu.png\" width=\"646\" height=\"332\"><\/a>  <\/p>\n<p>Security updates are available for the following Exchange Server CU versions.  <\/p>\n<ul>\n<li>Exchange Server 2013 <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?familyID=15fb9b27-c3d4-4f23-9e39-a4f30444f3f1\" target=\"_blank\" rel=\"noopener\">CU23<\/a>\n<li>Exchange Server 2016 <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?familyID=bcd6d182-6e4e-4d95-a54f-bb74071f29d9\" target=\"_blank\" rel=\"noopener\">CU22<\/a>, <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?familyID=3f0110e8-14c8-496a-bc2a-1a1675970eb1\" target=\"_blank\" rel=\"noopener\">CU23<\/a>\n<li>Exchange Server 2019 <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?familyID=39945af4-067e-4159-9d97-ba54bbbb8a28\" target=\"_blank\" rel=\"noopener\">CU11<\/a>, <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?familyID=7f879102-4572-41f1-b21a-d223d00cd813\" target=\"_blank\" rel=\"noopener\">CU12<\/a><\/li>\n<\/ul>\n<p>Microsoft does not mention in the Techcommunity post which vulnerabilities are closed. 
However, German blog reader Olli cites several CVEs from August 2022 CUs in <a href=\"https:\/\/www.borncity.com\/blog\/2022\/10\/11\/exchange-server-neue-0-day-nicht-notproxyshell-cve-2022-41040-cve-2022-41082\/#comment-133826\" target=\"_blank\" rel=\"noopener\">this comment<\/a>. This has also been noted in the user comments on the Exchange team's <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/released-october-2022-exchange-server-security-updates\/ba-p\/3646263\" target=\"_blank\" rel=\"noopener\">Techcommunity post<\/a>. The following CVEs, which were already addressed in the August 2022 update, are included (there seems to have been a re-release).<\/p>\n<ul>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-21979\" target=\"_blank\" rel=\"noopener\">Microsoft Exchange Information Disclosure Vulnerability (CVE-2022-21979)<\/a>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-21980\" target=\"_blank\" rel=\"noopener\">Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2022-21980)<\/a>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-24516\" target=\"_blank\" rel=\"noopener\">Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2022-24516)<\/a>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-24477\" target=\"_blank\" rel=\"noopener\">Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2022-24477)<\/a>\n<li><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-30134\" target=\"_blank\" rel=\"noopener\">Microsoft Exchange Information Disclosure Vulnerability (CVE-2022-30134)<\/a> <\/li>\n<\/ul>\n<p>As mentioned at the beginning, the 0-day vulnerabilities (ProxyNotShell) that have been known since the end of September 2022 are not eliminated, however. Note that the Exchange servers need to be updated to the current CU before the October 
2022 updates are installed (see the graphic above and the <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/released-october-2022-exchange-server-security-updates\/ba-p\/3646263\" target=\"_blank\" rel=\"noopener\">note<\/a> from Microsoft). Microsoft's <a href=\"https:\/\/microsoft.github.io\/CSS-Exchange\/Diagnostics\/HealthChecker\/\" target=\"_blank\" rel=\"noopener\">HealthChecker PowerShell script<\/a> can be used to check this.<\/p>\n<blockquote>\n<p>These vulnerabilities affect Exchange Server. Exchange Online customers are already protected from the vulnerabilities covered in these SUs and do not need to take any action other than updating all Exchange servers in their environment.<\/p>\n<\/blockquote>\n<h2>Enable Windows Extended Protection<\/h2>\n<p>In an addendum, Microsoft notes that to fix some vulnerabilities closed in August\/October 2022, administrators must enable <a href=\"https:\/\/docs.microsoft.com\/iis\/configuration\/system.webserver\/security\/authentication\/windowsauthentication\/extendedprotection\/\" target=\"_blank\" rel=\"noopener\">Windows Extended Protection<\/a> on their Exchange servers (in IIS). Microsoft provides a script to enable this feature (the latest version can be found <a href=\"https:\/\/aka.ms\/ExchangeEPScript\" target=\"_blank\" rel=\"noopener\">here<\/a>). Before activating Extended Protection (EP) on production systems, you should check if the <a href=\"https:\/\/microsoft.github.io\/CSS-Exchange\/Security\/Extended-Protection\/\" target=\"_blank\" rel=\"noopener\">requirements<\/a> are met. The activation of Extended Protection (EP) is only supported by certain Exchange versions. 
The numerous \"Known Issues\" that are mentioned in <a href=\"https:\/\/microsoft.github.io\/CSS-Exchange\/Security\/Extended-Protection\/\" target=\"_blank\" rel=\"noopener\">the prerequisites<\/a> will also be a problem.<\/p>\n<p><strong>Similar articles:<br \/><\/strong><a href=\"https:\/\/borncity.com\/win\/2022\/08\/10\/exchange-server-sicherheitsupdates-9-august-2022\/\">Exchange Server Security updates (August 9, 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2021\/04\/16\/exchange-update-fehler-und-infos-13-april-2021\/\">Exchange Update errors and information (April 13, 2021)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2021\/03\/06\/exchange-probleme-mit-ecp-nach-sicherheitsupdate-mrz-2021\/\">Exchange issues with ECP\/OWA search after installing security update (March 2021)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2021\/07\/13\/exchange-2016-2019-outlook-probleme-durch-amsi-integration\/\">Exchange 2016\/2019: Outlook problems due to AMSI integration<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2021\/09\/27\/exchange-server-september-2021-cu-kommt-zum-28-9-2021-mit-microsoft-exchange-emergency-mitigation-service\/\">Exchange Server September 2021 CU comes Sept. 
28 with Microsoft Exchange Emergency Mitigation Service<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2021\/08\/29\/exchange-server-2016-2019-benutzerdefinierte-attribute-in-ecp-nach-cu-installation-juli-2021-nicht-mehr-aktualisierbar\/\">Exchange Server 2016-2019: Custom attributes in ECP no longer updatable after CU installation (July 2021)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/09\/01\/exchange-server-2013-tipps-von-microsoft-zur-auerbetriebnahme-der-systeme\/\">Exchange Server 2013: Microsoft's tips on decommissioning the systems<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/09\/16\/update-fr-exchange-extended-protection-script-aber-weiterhin-fehler\/\">Update for Exchange Extended Protection script, but still error<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/09\/30\/exchange-health-checker-script-erweiterungen-von-frank-zchling\/\">Tip: Exchange Health Checker \u2013 Script extensions by Frank Z\u00f6chling<\/a> <\/p>\n<p><a href=\"https:\/\/borncity.com\/win\/2022\/09\/30\/exchange-server-werden-ber-0-day-exploit-angegriffen-29-sept-2022\/\">Exchange Servers are attacked via 0-day exploit (Sept. 
29, 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/09\/30\/microsofts-empfehlungen-fr-die-exchange-server-0-day-schwachstelle-zdi-can-18333\/\">Microsoft's recommendations for Exchange Server 0-day vulnerability ZDI-CAN-18333<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/10\/01\/neues-zur-exchange-server-0-day-schwachstelle-zdi-can-18333-korrekturen-scripte-und-ep-lsung\/\">Update on Exchange Server 0-day Vulnerability ZDI-CAN-18333: Fixes, Scripts and EMS Solution<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/10\/05\/exchange-server-microsofts-bessert-lsungen-fr-0-day-schutz-nach-5-oktober-2022\/\">Exchange Server: Microsoft updates its mitigation for the 0-day ProxyNotShell vulnerability (October 5, 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/10\/11\/exchange-server-microsofts-bessert-lsungen-fr-0-day-schutz-nach-8-oktober-2022\/\">Exchange Server: Microsoft improves solutions for 0-day mitigation again (October 8, 2022)<\/a><br \/><a href=\"https:\/\/borncity.com\/win\/2022\/10\/11\/exchange-server-neue-0-day-nicht-notproxyshell-cve-2022-41040-cve-2022-41082\/\">Exchange Server: New 0-day (not NotProxyShell, CVE-2022-41040, CVE-2022-41082)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Microsoft has released security updates for Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019, effective October 11, 2022. These updates are intended to address vulnerabilities reported by external security partners or found by Microsoft. 
However, the 0-day vulnerabilities &hellip; <a href=\"https:\/\/borncity.com\/win\/2022\/10\/12\/exchange-server-sicherheitsupdates-11-oktober-2022\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547,22],"tags":[869,2745,69,195],"class_list":["post-26948","post","type-post","status-publish","format-standard","hentry","category-security","category-software","category-update","tag-exchange","tag-patchday-10-2022","tag-security","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/26948","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=26948"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/26948\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=26948"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=26948"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=26948"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}