Microsoft
MicrosoftCuC_Carsten you must run /PrepareSchema (as stated in this blog post) to apply the schema changes which are shipped, starting with July 2021 Security Update (SU). PrepareAD does not apply the required schema changes and so, the system remains in an unprotected state regarding CVE-2021-34470.
- Install July 2021 Security Update for Exchange 2013
- Extend the Active Directory schema using the elevated Command prompt. Command will be similar to the following:
“Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms” using the setup.exe from location “c:\Program Files\Microsoft\Exchange Server\V15\Bin\setup.exe” (use the folder for the installation location of your Exchange server)
NOTES:
- For Exchange 2013 only, schema version will not change after this.
- In case of Schema Master existing in an empty root domain, consider installing Exchange CU23 Management Tools on Windows 2012 R2 in the same domain, installing July SU and then running \prepareschema from that workstation.