KLA11216
ACE vulnerability in Microsoft Exchange Server

Updated: 06/18/2020

Detect date ?	04/03/2018
Severity ?	High
Description	A remote code execution vulnerability was found in Microsoft Exchange Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted file.
Affected products	Microsoft Exchange Server 2013 Microsoft Exchange Server 2016 Microsoft Forefront Endpoint Protection 2010 Microsoft Security Essentials Windows Defender Windows Intune Endpoint Protection
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2018-0986
Impacts ?	ACE [?]
Related products	Microsoft Exchange Server
CVE-IDS ?	CVE-2018-09869.3Critical
Microsoft official advisories	Microsoft Security Update Guide
Exploitation	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/44402 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
	Find out the statistics of the vulnerabilities spreading in your region

KLA11216ACE vulnerability in Microsoft Exchange Server