tsellers-r7 (3)
tsellers-r7's Latest (1) Contributions
Technical Analysis
Discovery Notes
You can determine the version of Microsoft Exchange that the Client Access Servers (CAS) are running prior to authentication. Visit the OWA login page (https://owa.probablyunpatched.com/owa/auth/logon.aspx) and view the source.
```css
@font-face {
  font-family: "Segoe UI WPC";
  src: url("/owa/auth/15.0.1210/themes/resources/segoeui-regular.eot?#iefix") format("embedded-opentype"),
       url("/owa/auth/15.0.1210/themes/resources/segoeui-regular.ttf") format("truetype");
}
@font-face {
  font-family: "Segoe UI WPC Semilight";
  src: url("/owa/auth/15.0.1210/themes/resources/segoeui-semilight.eot?#iefix") format("embedded-opentype"),
       url("/owa/auth/15.0.1210/themes/resources/segoeui-semilight.ttf") format("truetype");
}
@font-face {
  font-family: "Segoe UI WPC Semibold";
  src: url("/owa/auth/15.0.1210/themes/resources/segoeui-semibold.eot?#iefix") format("embedded-opentype"),
       url("/owa/auth/15.0.1210/themes/resources/segoeui-semibold.ttf") format("truetype");
}
```
The version number embedded in those resource paths (15.0.1210 in this example) can be compared to the Exchange build lookup list provided by Microsoft:
https://docs.microsoft.com/en-us/exchange/new-features/build-numbers-and-release-dates?view=exchserver-2019
The following Exchange versions may be safe. Microsoft isn’t consistently updating the build number as part of the update installation process. Anything newer is probably patched.
Exchange Release | Build Number |
---|---|
Microsoft Exchange Server 2019 Cumulative Update 4 + hotfix | 15.2.529.xxx |
Microsoft Exchange Server 2019 Cumulative Update 3 + hotfix | 15.2.464.xxx |
Microsoft Exchange Server 2016 Cumulative Update 16 + hotfix | 15.1.1979.xxx |
Microsoft Exchange Server 2016 Cumulative Update 15 + hotfix | 15.1.1913.xxx |
Microsoft Exchange Server 2016 Cumulative Update 14 + hotfix | 15.1.1847.xxx |
Microsoft Exchange Server 2013 Cumulative Update 23 + hotfix | 15.0.1497.xxx |
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 30 | 14.3.496.xxx |
Any version that matches, or is older than, those listed below is definitely vulnerable.
Exchange Release | Build Number |
---|---|
Microsoft Exchange Server 2019 Cumulative Update 2 | 15.2.397.3 |
Microsoft Exchange Server 2016 Cumulative Update 14 | 15.1.1779.2 |
Microsoft Exchange Server 2013 Cumulative Update 22 | 15.0.1473.3 |
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 29 | 14.3.487.0 |
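
For checking your own servers against the two tables above, here is an added example (not part of the original notes, and not Rapid7 or Microsoft code): a Python helper that pulls the build number out of saved OWA login page source and sorts it into the page's categories. The function names and the `indeterminate` label for builds that fall between the two tables are assumptions of this example.

```python
import re

# Build thresholds copied from the two tables above, truncated to three
# components because the OWA resource path exposes only major.minor.build.
MAY_BE_SAFE = {  # (major, minor) -> builds listed as "+ hotfix"
    (15, 2): {529, 464},
    (15, 1): {1979, 1913, 1847},
    (15, 0): {1497},
    (14, 3): {496},
}
VULNERABLE_MAX = {  # (major, minor) -> newest build listed as vulnerable
    (15, 2): 397,
    (15, 1): 1779,
    (15, 0): 1473,
    (14, 3): 487,
}

# Matches the versioned resource directory, e.g. /owa/auth/15.0.1210/themes/...
BUILD_RE = re.compile(r"/owa/auth/(\d+)\.(\d+)\.(\d+)/")


def extract_builds(page_source):
    """Return the distinct (major, minor, build) tuples found in the source."""
    return sorted({tuple(map(int, m)) for m in BUILD_RE.findall(page_source)})


def classify(version):
    """Map a (major, minor, build) tuple to the page's categories."""
    major, minor, build = version
    line = (major, minor)
    if line not in VULNERABLE_MAX:
        return "unknown release line"
    if build <= VULNERABLE_MAX[line]:
        return "definitely vulnerable"
    if build in MAY_BE_SAFE[line]:
        return "may be safe"  # build number is not reliably bumped by the hotfix
    if build > max(MAY_BE_SAFE[line]):
        return "probably patched"
    return "indeterminate"  # between the tables; check the Microsoft build list


# Constructed sample: one @font-face rule in the shape shown in the page source.
SAMPLE = '''@font-face { font-family: "Segoe UI WPC";
  src: url("/owa/auth/15.0.1210/themes/resources/segoeui-regular.eot?#iefix")
       format("embedded-opentype"); }'''

if __name__ == "__main__":
    for v in extract_builds(SAMPLE):
        print(".".join(map(str, v)), "->", classify(v))
```

A "may be safe" result still needs confirmation on the host itself, since the hotfix does not always change the build number shown in the path.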