Microsoft has released security patches to address four new remote code vulnerabilities in Exchange 2013,2016, and 2019. At the same time, the FBI has removed web shells from compromised servers, but only in the U.S. Now more than ever it is essential that Exchange Server administrators apply all available patches and make sure that their servers have no lingering surprises left behind by attackers.
Microsoft has published security bulletin MS16-108, which includes critical security updates for all currently supported versions of Exchange Server.
The June 2016 security bulletin includes an update for all supported versions of Microsoft Exchange Server that is rated Important.
Microsoft has released an important security update for Exchange Server 2013 Service Pack 1 and Cumulative Update 8 servers.
Microsoft has released new updates for Exchange Server 2013, 2010 and 2007 that includes important security updates and bug fixes.