As you know, Microsoft releases new patches every month. We review them regularly and try to act on them, especially for critical systems exposed to the outside world. Every patch installation carries a risk, but with critical patches it is important not to lose time. The basic logic is this: these patches are released after the vulnerabilities they close have been found by malicious people, so we are at risk of attack at any time, and people who follow the patches and reverse engineer them to build malware or similar malicious content for those vulnerabilities may act faster than you. In short, the patch we are talking about now is a critical patch.
This patch, which affects Exchange Server 2016 and 2019 systems, was released primarily to close a remote code execution vulnerability in Microsoft Exchange servers caused by improper validation of cmdlet arguments.
An attacker who successfully exploits the vulnerability can execute arbitrary code with the privileges of the SYSTEM user.
In summary, it is an extremely critical vulnerability, and the update should be installed quickly.
Depending on the Exchange Server version you have, the relevant patches are as follows:
Microsoft Exchange Server 2016 Cumulative Update 16
Microsoft Exchange Server 2016 Cumulative Update 17
Microsoft Exchange Server 2019 Cumulative Update 5
Microsoft Exchange Server 2019 Cumulative Update 6
You can use the following PowerShell command to find out your current version:
Get-ExchangeServer | Format-List Name,Edition,AdminDisplayVersion
If your current version is lower than the versions listed above, you will need to upgrade to one of those CUs first.
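The version check above can be scripted across every server in the organization. The following PowerShell is an added example, not part of the original article or of Microsoft's tooling: the function names and sample rows are hypothetical, and the baseline build numbers are constructed placeholders that must be replaced with the builds Microsoft publishes for Exchange 2016 CU16 and Exchange 2019 CU5.

```powershell
# Added example. Baseline builds are NOT given in the article: the values
# below are constructed placeholders. Replace them with the published builds
# of the lowest CU the patch supports for each product line.
$MinimumBuild = @{
    '15.1' = [version]'15.1.1000.0'   # placeholder: Exchange 2016 CU16
    '15.2' = [version]'15.2.500.0'    # placeholder: Exchange 2019 CU5
}

function ConvertTo-ExchangeBuild {
    param([Parameter(Mandatory)] $AdminDisplayVersion)
    # Stringify first so this works whether the property arrives as an
    # object or as text; the rendered form is "Version X.Y (Build A.B)".
    if ("$AdminDisplayVersion" -match 'Version (\d+)\.(\d+) \(Build (\d+)\.(\d+)\)') {
        return [version]('{0}.{1}.{2}.{3}' -f $Matches[1], $Matches[2], $Matches[3], $Matches[4])
    }
    throw "Unrecognised AdminDisplayVersion: $AdminDisplayVersion"
}

function Get-PatchReadiness {
    param([Parameter(Mandatory, ValueFromPipeline)] $Server)
    process {
        $build = ConvertTo-ExchangeBuild $Server.AdminDisplayVersion
        $key   = '{0}.{1}' -f $build.Major, $build.Minor
        $status = if (-not $MinimumBuild.ContainsKey($key)) {
            'Version not covered by this check'
        } elseif ($build -lt $MinimumBuild[$key]) {
            'Upgrade CU first'
        } else {
            'At or above baseline CU'
        }
        [pscustomobject]@{ Name = $Server.Name; Build = $build; Status = $status }
    }
}

# Constructed sample rows standing in for Get-ExchangeServer output.
$sample = @(
    [pscustomobject]@{ Name = 'EX16-A'; AdminDisplayVersion = 'Version 15.1 (Build 900.2)' }
    [pscustomobject]@{ Name = 'EX19-A'; AdminDisplayVersion = 'Version 15.2 (Build 600.4)' }
)
$sample | Get-PatchReadiness | Format-Table -AutoSize

# On a real system, from the Exchange Management Shell:
# Get-ExchangeServer | Get-PatchReadiness | Format-Table -AutoSize
```

With the placeholder baselines, the first sample row is reported as needing a CU upgrade and the second as being at or above the baseline.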
Always remember to make a backup of the system before patching. If you have more than one Exchange server, make sure you carry out the process one server at a time.