KLA11302
Multiple vulnerabilities in Microsoft Exchange Server

Multiple serious vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code and bypass security restrictions.

Below is a complete list of vulnerabilities:

1. An tampering vulnerability can be exploited via specially crafted application to bypass security restrictions;
2. An improper memory handling vulnerability can be exploited remotely via specially crafted email to execute arbitrary code;

Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 23
Microsoft Exchange Server 2013 Cumulative Update 20
Microsoft Exchange Server 2013 Cumulative Update 21
Microsoft Exchange Server 2016 Cumulative Update 10
Microsoft Exchange Server 2016 Cumulative Update 9

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)