Four high-severity Microsoft Exchange flaws reported by Trend Micro’s Zero Day Initiative were noted by Microsoft to have been addressed or not need immediate servicing as required authentication would significantly reduce their odds of being exploited, SecurityWeek reports. Microsoft has already remediated the data deserialization issue within the ChainedSerializationBinder class that could be leveraged to facilitate remote code execution in security updates issued in August.
Source: SC Magazine