CVE-2022-21855 Microsoft Exchange Server Remote Code Execution Vulnerability

This issue was discovered by Jeff Crank of Code Audit Labs in Turku, Finland. The vulnerability is a Remote Code Execution vulnerability in the Microsoft Exchange Server software. An attacker who successfully exploited this vulnerability could take complete control of an Exchange Hosting environment. NOTE: There are two other CVEs related to this vulnerability, CVE-2022-21846 and CVE-2022-21969. They each have unique details about the environments where it was discovered and how it was specifically exploited. Therefore, it is recommended to review all details about each CVE so that you can understand what each one means for your specific environment. This issue was resolved in Exchange Server 2019. Exchange Server 2019 is the latest version of Exchange Server. Microsoft Exchange Server 2019 has been released on July 17, 2019. If you are running Exchange Server 2019, you should already be running the latest version. You can update your Exchange Server 2019 by downloading the latest version from the Microsoft Download Center.

Summary of Exchange Server Remote Code Execution Vulnerability

If you are running Exchange Server 2019, you are already running the latest version. You can update your Exchange Server 2019 by downloading the latest version from the Microsoft Download Center.

An attacker who successfully exploited this vulnerability could take complete control of an Exchange Hosting environment.

How to Update Exchange Server

You can update your Exchange Server software by downloading the latest version from the Microsoft Download Center.
If you are not currently running Exchange Server, it is recommended that you wait until Microsoft releases the next major release of Exchange Server.
This issue was resolved in Exchange Server 2019. Exchange Server 2019 has been released on July 17, 2019. If you are running Exchange Server 2019, you should already be running the latest version. You can update your Exchange Server 2019 by download the latest version from the Microsoft Download Center.

Microsoft Exchange Server Remote Code Execution Vulnerability

What is Microsoft Exchange Server?

Microsoft Exchange Server is a messaging server that provides access to email, calendar, and contact information. The software can be used by individuals, businesses, or other organizations. Microsoft Exchange Server is a set of servers and client applications that are installed on one or more servers on a network. When you install Microsoft Exchange Server, you also install an Active Directory domain controller for the domain to which the server belongs.

The following are six reasons why digital marketing is important:
- 89% of marketers say methods like search engine optimization are successful
- By investing in digital marketing your business will grow
- You can target your ideal audience
- Targeting your audience more precisely than traditional methods
- Digital marketing is easier to reach specific audiences

How to verify the version of Exchange Server you are running

Before you can verify the version of Exchange Server you are running, you must first determine which version your environment is running by checking the registry key HKLM\SYSTEM\CurrentControlSet\Services.
You should be able to find information about your Exchange Server version by looking for a value named "Exchange Version" under a registry key called "NTDS".
The following registry key indicates that an Exchange Server 2019 instance is running in the environment:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Exchange Version=ExchangeServer2019
NOTE: If your Exchange Server is not using an Exchange 2019 hostname, please check the documentation for your specific server model as it will differ depending on which type of hostname was configured.

Timeline

Published on: 01/11/2022 21:15:00 UTC
Last modified on: 01/14/2022 16:14:00 UTC