Exchange 2013

Exchange Privilege Elevation Vulnerability Addressed by Microsoft Patches

with 3 Comments by Tony Redmond

The recent exposure of a privilege elevation vulnerability that exists in the control Exchange has over Active Directory and EWS push notifications is fixed by cumulative updates for Exchange 2013, Exchange 2016, and Exchange 2019 and a roll-up update for Exchange 2010 SP3. These changes mark an architectural modification for Exchange, something that Microsoft is loathe to do outside major releases. Install the updates now!

Updates Released for Exchange 2016 and Exchange 2013

by Tony Redmond

With all the focus and attention paid to Office 365, you’d be forgiven for assuming that not much happens in the world of on-premises software. Microsoft will support Exchange 2016 until 2025 and has to maintain the software through patches and updates until then. Exchange 2013 isn’t forgotten either. New cumulative updates are available for the two servers. Cue excitement all round.