This is the related code in HealthChecker. There needs to be a better way than this when you have separation of duties, not to mention what accidents could happen with those rights shared:
if ((($SecurityObject.MajorVersion -le [HealthChecker.ExchangeMajorVersion]::Exchange2016) -and
($SecurityObject.CU -le [HealthChecker.ExchangeCULevel]::CU23)) -or
(($SecurityObject.MajorVersion -eq [HealthChecker.ExchangeMajorVersion]::Exchange2019) -and
($SecurityObject.CU -le [HealthChecker.ExchangeCULevel]::CU12)) -and
($SecurityObject.ServerRole -ne [HealthChecker.ExchangeServerRole]::Edge)) {
Write-Verbose "Testing CVE: CVE-2022-21978"
# Only run the check when the collector populated the AD-permission list;
# putting $null on the left-hand side is the PowerShell idiom for a reliable null test.
if ($null -ne $SecurityObject.ExchangeInformation.ExchangeAdPermissions) {
Write-Verbose "Exchange AD permission information found - performing vulnerability testing"
# A single failed permission check is enough to flag the server. Every failing entry
# overwrites $details with the same fixed text, so the output does not identify
# which entry failed.
foreach ($entry in $SecurityObject.ExchangeInformation.ExchangeAdPermissions) {
if ($entry.CheckPass -eq $false) {
# NOTE(review): the urldefense.com wrapper looks like a mail-gateway rewrite of the
# link; the script itself presumably carries the bare aka.ms URL - verify against the source file.
$details = "CVE-2022-21978`r`n`t`tInstall the May 2022 SU and run /PrepareDomain or /PrepareAllDomains - See: https://urldefense.com/v3/__https:/aka.ms/HC-May22SU__;!!Dahw-A9d0CA!lOGHZdSHTfOD4mP31zvwbUy3rgIpiD0O0Nyzl9tOTMmu6Yyf7Y4V8m3KSiKy8Qr7-Q$"
$displayWriteTypeColor = "Red"
}
}
# NOTE(review): this assumes $displayWriteTypeColor was not already "Red" on entry
# (its prior value is set outside this excerpt); if it was, the "NOT vulnerable"
# verbose line is suppressed even when every entry passed - confirm against the caller.
if ($displayWriteTypeColor -ne "Red") {
Write-Verbose "System NOT vulnerable to CVE-2022-21978"
}
} else {
# Missing permission data makes the result inconclusive, not "not vulnerable":
# it is reported in Yellow with a distinct message so it is not read as a clean pass.
Write-Verbose "Unable to perform CVE-2022-21978 vulnerability testing"
$details = "CVE-2022-21978`r`n`t`tUnable to perform vulnerability testing - See: https://urldefense.com/v3/__https:/aka.ms/HC-May22SU__;!!Dahw-A9d0CA!lOGHZdSHTfOD4mP31zvwbUy3rgIpiD0O0Nyzl9tOTMmu6Yyf7Y4V8m3KSiKy8Qr7-Q$"
$displayWriteTypeColor = "Yellow"
}