Microsoft has released Security Updates (SUs) for vulnerabilities found in:
Exchange Server 2013
Exchange Server 2016
Exchange Server 2019
SUs are available in a self-extracting auto-elev...
Updated May 08, 2023
Version 22.0
Blog Post
Nino_BilicThank you for taking the time out to reply Nico, it’s very much appreciated.
We installed the Feb 2023 SU back on Feb 14th and had no issues with the update (Windows Server 2019 and Exchange 2019 CU12).
Can you please confirm that CVE-2023-21707 was actually resolved in the Feb 2023 SU for those that installed it and had no issues or have we been vulnerable this entire time because of a patch that failed to prevent the CVE?
I appreciate all the hard work that you and the rest of the team do. Software development at this scale, and with the complexity of the product is difficult. Having said that I’ve become quite nervous of Exchange updates of late due to some of the communication and patch launch issues. So your clarification comments are very much welcomed and deeply appreciated.