Active Directory

Petri Newsletter Sign-up
Tech Tuesday

Subscribe to Tech Tuesday, the latest insights from Petri.com for IT Pros.

    See All Petri Newsletters

    Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches

    with 3 Comments by Tony Redmond

    The recent exposure of a privilege elevation vulnerability that exists in the control Exchange has over Active Directory and EWS push notifications is fixed by cumulative updates for Exchange 2013, Exchange 2016, and Exchange 2019 and a roll-up update for Exchange 2010 SP3. These changes mark an architectural modification for Exchange, something that Microsoft is loathe to do outside major releases. Install the updates now!