GreenPages Blog

As an IT professional, you need to stay current on all things tech; with articles from industry experts and GreenPages' staff, you get the info you need to help your organization compete and succeed!

All Posts

Patch Tuesday April 2021 Edition...Here We Go Again: More Exchange RCEs

By Randy Becker, VP & Principal Security Architect

Microsoft April 2021 Patch Tuesday brings us 4 critical on-premises Exchange RCE CVEs, 2 with a base CVSS Score of 9.8 out of 10 with no privileges required, 1 with a CVSS Score of 9 with an attack vector adjacent with low privileges required, and 1 with an 8.8 and low privileges required.

These significant vulnerabilities should be patched ASAP

These impact on-premises Exchange Server versions 2013, 2016, and 2019. Note that the Exchange updates released in March of 2021 do not remediate against these new vulnerabilities announced today. These are significant vulnerabilities that should be patched as soon as possible following your normal change and testing processes. Is it time to enhance your vulnerability management program to deal with vulnerabilities like these and out of band zero-day vulnerabilities? The answer of course is Yes.

Patching instructions and further reading on the threat

The latest
patches can be viewed on the Microsoft Security Response Center (MSRC) website. KB5001779 takes you to the 4 new Exchange RCE vulnerabilities: CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, and CVE-2021-28483. As usual, you must follow the instructions on this page or you may run into problems with the updates just like in last month’s updates.

How long before a POC exploit is made public?

It does not look like there is evidence of exploitation in the wild yet but exploitation is likely. Given the exploits we saw associated with the previous Exchange on-premises vulnerabilities, organizations are strongly recommended to prioritize installing the latest updates. It also looks like there are a few critical severity RCE vulnerabilities impacting all supported versions of Windows. The same process goes with these per usual patching.


Important steps we should all be taking

  • Follow proper change control process

  • Test your patches before rolling into production

  • Ensure you have immutable backups of all systems—that way if the worst happens you have a method of recovering.

  • If you have an on-premises Microsoft Exchange Server, regardless of whether it’s exposed to the Internet or not, patch it!

  • Ask yourself if now is the time to consider a move to Microsoft Online Exchange?

If you have an on-premises Microsoft Exchange Server and need help patching or would like to implement immutable backups or create an Incident Response Plan, reach out to your GreenPages Account Manager or reach out to us!

Randy Becker 2

Randy is responsible for GreenPages’ overall cyber security strategy, including developing comprehensive policies and procedures to protect critical applications while ensuring business agility and velocity. With more than 30 years in the IT industry, Randy has strong expertise in cyber security and risk management; security operations and optimization; infrastructure modernization; and hybrid cloud architecture, design, and implementation. Randy is also a HITRUST Certified CSF Practitioner (CCSFP) which ensures clients have access to the highest level of expertise related to privacy, security, compliance, and risk management.


Related Posts

The Benefits of Microsoft Intune Suite for Modern Workplaces

By Josh Morganthall, Microsoft Practice Manager, GreenPages Microsoft Intune Suite unifies several endpoint management and security solutions into one bundle. In this blog post, I discuss the business value of Microsoft's cloud-based service and the operational efficiencies and enhanced user experience it brings to IT teams and users. 

CIO Fireside Chat Recap: Cloud & FinOps

By Mario Brum, VP of Practice Area and Technical Advisory Services Mario hosted the second in GreenPages' ongoing series of CIO Fireside Chats discussing how an industry-leading retail technology company partnered with GreenPages to use FinOps for optimizing the company's cloud costs. 

Preparing Your Business for the End of Windows Server 2012 Support

By Josh Morganthall, GreenPages Senior Solutions Architect for Microsoft Cloud In this blog post, Josh outlines the steps that CIOs need to take to prepare for Windows Server 2012 reaching its end of support on October 10, 2023 to ensure their IT operations remain secure, productive, and running without interruption.