This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 35%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENN%3C/text%3E%3C/svg%3E)
Can someone help me with the Microsoft Exchange Server Vulnerability CVE-2024-21410, We don manage exchange server 2013, 2016, and 2019 for our customer, I want to know this Vulnerability applies to which vision and if 2019 Cumulative Update 14 (CU14) is required how I can manage for other version exchange servers.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Hi @Nandan NK ,
Just checking in to see if below information was helpful. If you have any further updates on this issue, please feel free to post back. Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 81%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
There are security update available for the following versions: Microsoft Exchange Server 2019 Cumulative Update 14 Microsoft Exchange Server 2019 Cumulative Update 13 To learn more have a look at: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-21410
Hi @Nandan NK ,
I want to know this Vulnerability applies to which vision and if 2019 Cumulative Update 14 (CU14) is required how I can manage for other version exchange servers.
This Vulnerability applies to all the Exchange versions you mentioned.
According to this blog, enabling EP (Extended Protection) addresses this CVE:
So basically, you can read through the Prerequisites for enabling Extended Protection on Exchange Server then enable EP on the servers when all the prerequisites are met. (You can run the HeathChecker script to check whether your environment has got ready for EP. ) But as is always recommended, it's suggested to update all Exchange versions to the latest CU and install all the SUs.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Hi, Exchange 2013 is no longer supported by Microsoft. Regarding Exchange 2016 and Exchange 2019 you should install the last Cumulitaive Update. For more details please refer to the following link : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21410
Please don't forget to accept helpful answer
