Microsoft today has released security updates for Exchange Server that address a set of four vulnerabilities with severity scores ranging from high to critical.
All the flaws lead to remote code execution on a vulnerable machine and were discovered and reported to Microsoft by the U.S. National Security Agency (NSA). Microsoft also found some of them internally.
Given their severity level and the Microsoft Exchange hacking spree that started at the beginning of the year, organizations are strongly recommended to prioritize installing the latest patches.
Source: Bleeping Computer