Today is the monthly 'Windows Update' day, and Exchange Server vulnerabilities will also be fixed.

This month, Windows Update delivered monthly security updates and bug fixes for Windows. Let's update as soon as possible. In this Windows Update, a security update related to the vulnerability of Exchange Server, which was discovered in March 2021 and became a major problem such as the US Cyber Security Infrastructure Security Agency (CISA) issuing an emergency command. The program is also distributed.

We have released the security update for April 2021. See the Security Update Guide for more information. https://t.co/U5eJTOOIIC

— Microsoft Security Team (@JSECTEAM) April 13, 2021

'April 2021 Security Updates (Monthly)' describes the security updates released this month. https://t.co/ksCCP9Y2ha pic.twitter.com/lzF9roKmGV

— Microsoft Security Team (@JSECTEAM) April 14, 2021

◆ Windows 10 v20H2, v2004, v1909, v1809, v1803
Maximum severity:
emergency

Most impact:
Code is executed remotely

Related Knowledge Base or Support Web Page:
Windows 10 v2004 and Windows 10 v20H2: 5001330
Windows 10 v1909: 5001337
Windows 10 v1809: 5001342
Windows 10 v1803: 5001339

◆ Windows Server 2019, Windows Server 2016, Server Core installation (2019, 2016, v20H2, v2004, v1909)
Maximum severity:
emergency

Most impact:
Code is executed remotely

Related Knowledge Base or Support Web Page:
Windows Server 2019: 5001342
Windows Server 2016: 5001347
Windows Server v2004 and Windows Server v20H2: 5001330
Windows Server v1909: 5001337

◆ Windows 8.1, Windows Server 2012 R2, and Windows Server 2012
Maximum severity:
emergency

Most impact:
Code is executed remotely

Related Knowledge Base or Support Web Page:
Windows 8.1 and Windows Server 2012 R2 Monthly Rollup: 5001382
Windows 8.1 and Windows Server 2012 R2 Security Only: 5001393
Windows Server 2012 Monthly Rollup: 5001387
Windows Server 2012 Security Only: 5001383

◆ Microsoft Office related software
Maximum severity:
important

Most impact:
Code is executed remotely

Related Knowledge Base or Support Web Page:
This month, we have more than 20 Office-related Knowledge Base articles. See https://msrc.microsoft.com/update-guide for a detailed list.

◆ Microsoft SharePoint related software
Maximum severity:
important

Most impact:
Code is executed remotely

Related Knowledge Base or Support Web Page:
4504701 , 4504709 , 4504716 , 4493170 , 4504719 , 4504715 , 4493201 , 4504723

◆ Microsoft Exchange Server
Maximum severity:
emergency

Most impact:
Code is executed remotely

Related Knowledge Base or Support Web Page:
For more information about security updates for Exchange Server, see the Security Update Guide https://msrc.microsoft.com/update-guide .

◆ Azure DevOps Server, Team Foundation Server
Maximum severity:
important

Most impact:
information leak

Related Knowledge Base or Support Web Page:
For more information about Azure DevOps Server / Team Foundation Server security updates, see https://docs.microsoft.com/azure/devops .

◆ Azure related software
Maximum severity:
emergency

Most impact:
Code is executed remotely

Related Knowledge Base or Support Web Page:
For more information about security updates for Azure-related software, see the Security Update Guide https://msrc.microsoft.com/update-guide .

◆ Microsoft Visual Studio related software
Maximum severity:
important

Most impact:
Code is executed remotely

Related Knowledge Base or Support Web Page:
For more information about security updates for Visual Studio related software, see https://docs.microsoft.com/en-us/visualstudio and the Security Update Guide https://msrc.microsoft.com/update-guide . Please give me.

◆ VP9 Video Extensions and Raw Image Extensions
Maximum severity:
important

Most impact:
Code is executed remotely

Related Knowledge Base or Support Web Page:
For more information about VP9 Video Extensions and Raw Image Extensions security updates, see the Security Update Guide https://msrc.microsoft.com/update-guide .

Regarding this update, Microsoft said, 'This month's release includes a number of important vulnerability countermeasures that are recommended to be prioritized, including an update to protect against new vulnerabilities in on-premises Exchange Server. and am I, ' I said .

As a result, CISA told domestic government agencies and organizations that 'applying the update released on April 13 to Exchange servers is the only mitigation possible other than disconnecting the server from the network.' We are calling for prompt implementation of Windows Update and reporting of update completion.