Nessus Says "Security Updates for Microsoft Exchange Server (CVE-2021-1730) (February 2021)" in Exchange 2016 (CU17) High Vulnerability

Sathishkumar Singh 386 Reputation points
2021-02-22T08:21:27.74+00:00

Hello Support,

My Exchange Sever 2016 (CU17)
When i run Nessus tool says that "Security Updates for Microsoft Exchange Server (CVE-2021-1730) (February 2021)"

https://www.tenable.com/plugins/nessus/146330

How to fix this issue without any impact

Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
6,492 questions
0 comments No comments
{count} votes

Accepted answer
  1. Ashok M 6,466 Reputation points
    2021-02-22T12:04:45.497+00:00

    Hi @SathishkumarSingh-0068 ,

    Based on my research, Exchange 2016 CU18 has to be installed to address this vulnerability.

    https://support.microsoft.com/en-us/topic/cumulative-update-18-for-exchange-server-2016-c1af0ead-3bde-e4db-5f24-9f597050dcbf
    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1730

    Upgrading Exchange CU
    https://learn.microsoft.com/en-us/exchange/plan-and-deploy/install-cumulative-updates?view=exchserver-2019#install-an-exchange-cu-using-the-setup-wizard

    Upgrading Exchange CU in DAG
    https://practical365.com/exchange-server/installing-cumulative-updates-on-exchange-server-2016/
    http://cloudexchangers.com/exchange-runbooks/

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    If the above suggestion helps, please click on "Accept Answer" and upvote it.


1 additional answer

Sort by: Most helpful
  1. KyleXu-MSFT 25,866 Reputation points
    2021-02-23T01:58:34.253+00:00

    @SathishkumarSingh-0068

    The link that you provided contains the solution:
    70829-qa-kyle-09-55-05.png

    KB4571787 is the update for Exchange 2019, you need to download from VLSC.
    KB4571788 is the update for Exchange 2016, you can download from here.


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.