Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT)  Coordination Center VulNote “for a critical remote code execution vulnerability in the Windows Print spooler services” on June 30, 2021, Microsoft issued new guidance for the vulnerability (CVE-2021-34527) on July 1, updated guidance on July 2, 2021, and an emergency patch on July

The National Security Agency (NSA) recently issued a warning to private industry about four zero-day vulnerabilities in Microsoft Exchange Server versions 2013, 2016, and 2019 used on-premises. The NSA recommends immediate patching of the vulnerabilities before they are exploited by threat actors.

The vulnerabilities could lead to remote execution of code that would allow threat

In a rare sharing of information about vulnerabilities in a blog post, Microsoft this week urged customers to download software patches to Microsoft Exchange Server after it detected “multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks.”

According to Microsoft’s Threat Intelligence Center, “[W]e are sharing