STIGQter: STIG Summary: Microsoft Exchange 2013 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

Exchange must have the most current, approved service pack installed.

DISA Rule

SV-207333r615936_rule

Vulnerability Number

V-207333

Group Title

SRG-APP-000456

Rule Version

EX13-MB-000340

Severity

CAT II

CCI(s)

• CCI-002605 - The organization installs security-relevant software updates within an organization-defined time period of the release of the updates.

Weight

10

Fix Recommendation

Install the most current, approved service pack.

Check Contents

Determine the most current, approved service pack.

Open the Exchange Management Shell and enter the following command:

Get-ExchangeServer | fl Name, AdminDisplayVersion

If the value of AdminDisplayVersion does not return the most current, approved service pack, this is a finding.

Vulnerability Number

V-207333

Documentable

False

Rule Version

EX13-MB-000340

Severity Override Guidance

Determine the most current, approved service pack.

Open the Exchange Management Shell and enter the following command:

Get-ExchangeServer | fl Name, AdminDisplayVersion

If the value of AdminDisplayVersion does not return the most current, approved service pack, this is a finding.

Check Content Reference

M

Target Key

2923

Comments