NSA Discovers New Vulnerabilities Affecting Microsoft Exchange Servers

In its April slate of patches, Microsoft rolled out fixes for a total of 114 security flaws, including an actively exploited zero-day and four remote code execution bugs in Exchange Server.
Of the 114 flaws, 19 are rated as Critical, 88 are rated Important, and one is rated Moderate in severity.
Chief among them is CVE-2021-28310, a privilege escalation vulnerability in Win32k that’s said to be