CVE-2021-42321 – New Exploit Targeting Exchange On-Premises

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-42321

Unfortunately for Exchange on-premises admins, yet another exploit has surfaced.

The Hafnium zero-day exploit targeted exchange on-premises during the first half of 2021.

The Hafnium exploit became so bad that the FBI obtained a warrant to patch customer servers without consent.

Now it seems trouble is surfacing again for Exchange on-premises…

The latest vulnerability is technically named CVE-2021-42321. It affects Exchange on-premises versions 2016 and 2019.

A patch has been released here.

The exploit is caused by improper validation of PowerShell CmdLet (command-let) arguments and customers are advised to immediately update their servers with the fix.

Apparently, the bug was initially exploited at the Tianfu Cup 2021 international hacking contest, which took place in October in Chengdu, China.

How to Get 100% Protection from Exchange On-Premises Exploits

Are you already migrated to Office 365 and only keeping your Exchange on-premises server to manage email attributes?

You can now avoid spending countless hours patching your on-premises Exchange Server.

Easy365Manager is a snap-in to Active Directory that allows you to manage email attributes, Office 365 licenses, and Office 365 mailboxes.

Create an Office 365 mailbox using Easy365Manager

With Easy365Manager, you can completely remove your on-premises Exchange Server, thereby protecting you from any future exploits targeting Exchange on-premises.

Download the free 30-day trial now and start doing all your AD and Office 365 management straight out of AD Users & Computers.