Microsoft issued patches Tuesday for four more vulnerabilities in on-premises versions of the Exchange Server corporate email platform, one of which is a zero-day flaw. The latest patches come after Microsoft in March patched four critical flaws in Exchange Server that had been widely exploited by attackers. Attackers are not exploiting these vulnerabilities in the wild, Microsoft says. The remaining Exchange issues are all rated “important,” with CVE-2021-31198 leading to remote code execution if exploited. Microsoft believes an attacker is more likely to utilize this vulnerability to launch a distributed denial service.”]
Source: https://www.databreachtoday.com/microsoft-patches-4-more-exchange-flaws-a-16566