static image with Exchange logo
Exploits and vulnerabilities | News

Exchange Server security updates updated

Posted: August 18, 2023 by Pieter Arntz

Microsoft has re-released the August 2023 Security Updates (SUs) for Exchange Server. The original release of the SUs, from August 8 2023, had a localization issue with Exchange Server running on a non-English Operating Systems (OSes) that caused Setup to stop unexpectedly, leaving Exchange services in a disabled state.

Exchange Online users are already protected from the vulnerabilities addressed by these Security Updates and do not need to take any action other than updating any Exchange servers or Exchange Management tools workstations in their environment.

This patch comes with a complicated table of recommended actions, in which version 1 is the original August 2023 SU and version 2 is the re-released August 2023 SU. Microsoft says:

  • If you successfully installed version 1 without problems, no further action is needed.
  • If you installed version 1 automatically without any problems or issues, version 2 will be downloaded automatically.
  • If the installation of version 1 failed, leaving Exchange services disabled, and you restarted the Exchange services without installing version 1 again, you should install version 2.
  • If the installation of version 1 failed, leaving Exchange services disabled, you restarted the Exchange services, and you used the workaround to manually create a “Network Service” account and then installed version 1, you should:
    • Uninstall version 1 and reboot.
    • Remove the manually created “Network Service” account (if it still exists).
    • Install version 2.

If version 1 was never installed, you can skip straight to version 2. Although there is no reason to suspect there are active exploits in the wild, we still recommend to do this as soon as possible to protect your environment. Exchange Servers are attractive targets for cybercriminals.

The vulnerability fixed by the security update, listed as CVE-2023-21709, required users to run a script in addition to installing the update. If you took the extra steps needed to address CVE-2023-21709 none of the actions above will undo them, so you do not have to repeat or undo them at any point. But again, if you haven’t done it yet, you should do so as soon as possible.

We don’t just report on vulnerabilities—we identify them, and prioritize action.

Cybersecurity risks should never spread beyond a headline. Keep vulnerabilities in tow by using Malwarebytes Vulnerability and Patch Management.

RELATED ARTICLES

TikTok logo
News | Personal

TikTok comes one step closer to a US ban

April 24, 2024 - The US Senate has approved a bill that will ban TikTok, unless it finds a new owner, bringing it one step closer to being signed into law.

CONTINUE READING 0 Comments
UnitedHealth Group logo
News | Personal

“Substantial proportion” of Americans may have had health and personal data stolen in Change Healthcare breach

April 23, 2024 - UnitedHealth has made an announcement about the stolen data in the ransomware attack on subsidiary Change Healthcare.

CONTINUE READING 0 Comments
The Lock and Code logo, which includes the Malwarebytes Labs insignia ensconced in a pair of headphones
Podcast

Picking fights and gaining rights, with Justin Brookman: Lock and Code S05E09

April 22, 2024 - This week on the Lock and Code podcast, we speak with Justin Brookman about past consumer wins in the tech world, and how to avoid despair.

CONTINUE READING 0 Comments
Discord logo
News | Privacy

Billions of scraped Discord messages up for sale

April 22, 2024 - An internet scraping platform is offering access to a database filled with over four billion Discord messages and combined user profiles.

CONTINUE READING 0 Comments
week in security
News

A week in security (April 15 – April 21)

April 22, 2024 - A list of topics we covered in the week of April 15 to April 21 of 2024

CONTINUE READING 0 Comments

ABOUT THE AUTHOR

Pieter Arntz

Pieter Arntz

Malware Intelligence Researcher

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.

Contributors icon

Contributors

Threat Center icon

Threat Center

Podcasts icon

Podcast

Glossary icon

Glossary

Scams icon

Scams