Microsoft has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical. All the flaws lead to remote code execution on a vulnerable machine and were discovered and reported to Microsoft by the U.S. National Security Agency. The most severe of them have a critical severity score of 9.8 out of 10 and could be exploited before authentication. Microsoft recommends organizations use the Exchange Server Health Checker script to detect common configuration issues that could cause performance trouble.
Source: https://www.bleepingcomputer.com/news/security/nsa-discovers-critical-exchange-server-vulnerabilities-patch-now/