KLA11216
ACE vulnerability in Microsoft Exchange Server
Обновлено: 26/06/2019
Дата обнаружения
03/04/2018
Уровень угрозы
High
Описание

A remote code execution vulnerability was found in Microsoft Exchange Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted file.

Пораженные продукты

Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Forefront Endpoint Protection 2010
Microsoft Security Essentials
Windows Defender
Windows Intune Endpoint Protection

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2018-0986
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Microsoft Exchange Server
CVE-IDS
CVE-2018-09869.3Critical
Microsoft official advisories
Microsoft Security Update Guide