Microsoft released a security update designed to patch remote code execution (RCE) and information disclosure vulnerabilities in its Microsoft Exchange Server 2019, 2016, and 2013 products. Microsoft rated the two vulnerabilities as ‘Important’ Microsoft assigned an Important severity level to both security issues and, until their public disclosure, no mitigation factors or workarounds have been found. The security update can be installed automatically using Windows Update or by manually downloading the two update packages from the Microsoft Update Catalog website or the Microsoft Download Center.
Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-remote-code-execution-vulnerability-in-exchange-server/