However, the most important updates here as for out of support versions of Microsoft Exchange Server. We reported on this decision by Microsoft. It is rare for the company to send out security updates for out of band versions, but in the light of the ongoing Exchange Server attacks, the company decided to patch. Microsoft also issued security updates for Windows Admin Center, DirectX, Win32K, Windows Remote Access API, and Registry. Across all services, Microsoft says 14 of the patches fix critical vulnerabilities that could be exploited for Remote Code Execution (RCE) attacks. One of the most worrisome fixes is for CVE-2021-26411, which was a memory corruption flaw in Internet Explorer. While IE is a legacy browser, many organizations still use it. Microsoft says the vulnerability has already been exploited. There are also patches for a couple of unsigned code execution flaws in Azure Sphere, CVE-2021-27074 and CVE-2021-27080. Furthermore, Microsoft has also patched CVE-2021-26897, a critical RCE vulnerability in Windows DNS Server.
Microsoft Exchange Server Attacks
Microsoft is currently in the midst of active exploits against its Exchange Server platform. Microsoft says updating Exchange Server is the best way to avoid the exploit. Furthermore, the company has launched a tool to help customers know if they have been breached. Yesterday we reported the Biden administration has set up a taskforce to monitor the attacks. Patches for the flaws have already been sent out prior to this Patch Tuesday. Users on older Exchange Servers can now also patch their systems. Tip of the day: Did you know you can also use OneDrive to save folders and files in the cloud which are located outside the main OneDrive-folder. Check out our step-by-step tutorial to use this practical method also for your Windows 10-PC.