Microsoft has released security updates (SUs) for vulnerabilities found in:
Exchange Server 2013
Exchange Server 2016
Exchange Server 2019
IMPORTANT: Starting with this release of Securit...
Updated May 27, 2022
Version 21.0
Blog Post
Hello,
It seems that HealthChecker.ps1 script doesn't work properly on Exchange 2013:
Security Vulnerability
----------------------
Security Vulnerability: CVE-2022-21978
Unable to perform vulnerability testing - See: https://aka.ms/HC-May22SU
Compared to a previous version "Exchange2013" is not part of the check condition:
old:
if (($SecurityObject.MajorVersion -eq [HealthChecker.ExchangeMajorVersion]::Exchange2013) -or
(($SecurityObject.MajorVersion -eq [HealthChecker.ExchangeMajorVersion]::Exchange2016) -and
($SecurityObject.CU -lt [HealthChecker.ExchangeCULevel]::CU21)) -or
(($SecurityObject.MajorVersion -eq [HealthChecker.ExchangeMajorVersion]::Exchange2019) -and
($SecurityObject.CU -lt [HealthChecker.ExchangeCULevel]::CU10))) {
Write-Verbose "Testing CVE: CVE-2021-34470"
current:
if ((($SecurityObject.MajorVersion -le [HealthChecker.ExchangeMajorVersion]::Exchange2016) -and
($SecurityObject.CU -le [HealthChecker.ExchangeCULevel]::CU23)) -or
(($SecurityObject.MajorVersion -eq [HealthChecker.ExchangeMajorVersion]::Exchange2019) -and
($SecurityObject.CU -le [HealthChecker.ExchangeCULevel]::CU12))) {
Write-Verbose "Testing CVE: CVE-2022-21978"
As I don't know whether or not this is the only occurence: could someone of the experts check and fix the checker script, please?
Sascha