{"id":28355,"date":"2023-01-11T10:32:12","date_gmt":"2023-01-11T09:32:12","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=28355"},"modified":"2023-01-26T11:21:02","modified_gmt":"2023-01-26T10:21:02","slug":"exchange-server-security-updates-january-10-2023","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2023\/01\/11\/exchange-server-security-updates-january-10-2023\/","title":{"rendered":"Exchange Server Security Updates (January 10, 2023)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline; border-width: 0px;\" title=\"Exchange Logo\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2022\/06\/Exchange.jpg\" alt=\"Exchange Logo\" width=\"204\" height=\"179\" align=\"left\" border=\"0\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2023\/01\/11\/exchange-server-sicherheitsupdates-10-januar-2023-dringend-patchen\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Microsoft has released security updates for Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019 as of January 10, 2023. These security updates close two vulnerabilities (Elevation of Privilege and Spoofing) in this software. These updates should be installed on systems in a timely manner to close the vulnerabilities in question.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg05.met.vgwort.de\/na\/db46234ffcb84ab58a706b8c32bd5067\" alt=\"\" width=\"1\" height=\"1\" \/>Microsoft has published the Techcommunity post <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/released-january-2023-exchange-server-security-updates\/ba-p\/3711808\" target=\"_blank\" rel=\"noopener\">Released: January 2023 Exchange Server Security Updates<\/a> with a description of the security updates.<\/p>\n<p><a href=\"https:\/\/i.imgur.com\/BlHWjlI.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\"Exchange Januar 2023 updates\" src=\"https:\/\/i.imgur.com\/BlHWjlI.png\" alt=\"Exchange Januar 202 updates\" width=\"640\" \/><\/a><\/p>\n<p>Security updates are available for the following Exchange Server CU versions (links from Microsoft, some of which have downloads from August 2022 &#8211; but the KB articles are properly linked in the details).<\/p>\n<ul>\n<li>Exchange Server 2013 <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=104915\" target=\"_blank\" rel=\"noopener\">CU23<\/a>, KB5022188 (support ends in April 2023)<\/li>\n<li>Exchange Server 2016 <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=104914\" target=\"_blank\" rel=\"noopener\">CU23<\/a>, KB5022143<\/li>\n<li>Exchange Server 2019 <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=104913\" target=\"_blank\" rel=\"noopener\">CU11<\/a>,\u00a0 <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=104912\" target=\"_blank\" rel=\"noopener\">CU12<\/a>, KB5022193<\/li>\n<\/ul>\n<p>Microsoft writes in the Techcommunity post that the January 2023 security updates fix vulnerabilities reported to Microsoft by security partners and found through Microsoft's internal processes. Details are not disclosed, I had posted the following details about the vulnerabilities in the blog post <a href=\"https:\/\/borncity.com\/win\/2023\/01\/11\/microsoft-security-update-summary-10-januar-2023\/\">Microsoft Security Update Summary (January 10, 2023)<\/a>.<\/p>\n<ul>\n<li><u><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-21763\">CVE-2023-21763<\/a><\/u> und <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-21764\">CVE-2023-2176<\/a><u><\/u>: Microsoft Exchange Server Elevation of Privilege Vulnerabilities; Important, CVSSv3 Score7.8; Could grant SYSTEM privileges to an authenticated attacker. Microsoft has rated these vulnerabilities as \"exploitation less likely\" but has not provided an explanation.<\/li>\n<li><u><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-21745\">CVE-2023-21745<\/a><\/u> und <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2023-21762\">CVE-2023-21762<\/a><u><\/u><u><\/u>: Microsoft Exchange Server Spoofing Vulnerabilities, Important, CVSSv3 Score 8.0; CVE-2023-21745 can be exploited either over the local network or over the Internet \u2013 and has been rated Exploitation More Likely. CVE-2023-21762, on the other hand, is limited to a shared physical or local network or an \"otherwise restricted administrative domain.\" Successful exploitation could lead to disclosure of New Technology LAN Manager (NTLM) hashes and NTLM relay attacks.<\/li>\n<\/ul>\n<p>Microsoft writes that while there are no known active exploits in the wild, they recommend installing these updates immediately to protect Exchange installations.<\/p>\n<p>Note Microsoft's update installation instructions (so older CUs are dropped). It is recommended to enable Certificate Signing for PowerShell Serialization after installing the January 2023 security update. In addition, the Health Checker should be run to see if further action is required.<\/p>\n<p>The patches cause a bug: once the update is installed on an Exchange Server 2016 or 2019, web page previews for URLs shared in OWA will not render correctly. Microsoft plans to fix this bug in a future update.<\/p>\n<blockquote><p>These vulnerabilities affect Exchange Server. Exchange Online customers are already protected from the vulnerabilities covered in these SUs and do not need to take any action other than updating all Exchange servers in their environment.<\/p><\/blockquote>\n<p><strong>Similar articles:<br \/>\n<\/strong><a href=\"https:\/\/borncity.com\/win\/2022\/09\/30\/exchange-server-werden-ber-0-day-exploit-angegriffen-29-sept-2022\/\">Exchange Servers are attacked via 0-day exploit (Sept. 29, 2022)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/09\/30\/microsofts-empfehlungen-fr-die-exchange-server-0-day-schwachstelle-zdi-can-18333\/\">Microsoft's recommendations for Exchange Server 0-day vulnerability ZDI-CAN-18333<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/10\/01\/neues-zur-exchange-server-0-day-schwachstelle-zdi-can-18333-korrekturen-scripte-und-ep-lsung\/\">Update on Exchange Server 0-day Vulnerability ZDI-CAN-18333: Fixes, Scripts and EMS Solution<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/10\/05\/exchange-server-microsofts-bessert-lsungen-fr-0-day-schutz-nach-5-oktober-2022\/\">Exchange Server: Microsoft updates it's mitigation for the 0-day ProxyNotShell vulnerability (October 5, 2022)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/10\/11\/exchange-server-microsofts-bessert-lsungen-fr-0-day-schutz-nach-8-oktober-2022\/\">Exchange Server: Microsofts improves solutions for 0-day mitigation again (October 8, 2022)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/11\/09\/exchange-server-security-updates-november-8-2022\/\">Exchange Server security updates (November 8, 2022)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/12\/07\/ransomware-attack-responsible-for-rackspace-exchange-instance-outage-in-dec-2022\/\" rel=\"bookmark\">Ransomware attack responsible for Rackspace Exchange instance outage in Dec. 2022<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/12\/21\/microsoft-exchange-new-owassrf-exploit-method-proxynotshell-used-by-play-ransomware\/\" rel=\"bookmark\">Microsoft Exchange: New OWASSRF exploit method (ProxyNotShell) used by play ransomware<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2022\/12\/28\/is-an-exchange-proxynotshell-disaster-looming-at-the-corner\/\" rel=\"bookmark\">Is an Exchange ProxyNotShell disaster looming at the corner?<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Microsoft has released security updates for Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019 as of January 10, 2023. These security updates close two vulnerabilities (Elevation of Privilege and Spoofing) in this software. These updates should be installed &hellip; <a href=\"https:\/\/borncity.com\/win\/2023\/01\/11\/exchange-server-security-updates-january-10-2023\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1319],"tags":[],"class_list":["post-28355","post","type-post","status-publish","format-standard","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/28355","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=28355"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/28355\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=28355"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=28355"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=28355"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}