Microsoft has released Security Updates (SUs) for vulnerabilities found in:
- Exchange Server 2019
- Exchange Server 2016
SUs are available for the following specific versions of Exchange Server:
The November 2023 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. These vulnerabilities affect Exchange Server – Install these updates immediately to protect your environment.
Exchange Online customers are already protected from the vulnerabilities addressed by these SUs and do not need to take any action other than updating any Exchange servers or Exchange Management tools workstations in their environment.
More details about specific CVEs can be found in the Security Update Guide.
In this update:
Certificate signing of PowerShell serialization payload is now enabled by default. For more information on this, please see the feature documentation.
Update Installation:
The following update paths are available:
- Install the latest CU. Use the Exchange Update Wizard to choose your current CU and your target CU to get directions.
- Inventory your Exchange Servers to determine which updates are needed using the Exchange Server Health Checker script. Running this script will tell you if any of your Exchange Servers are behind on updates (CUs, SUs, or manual actions).
- Re-run the Health Checker after you install an SU to see if any further actions are needed.
- If you encounter errors during or after installation of Exchange Server, run the SetupAssist script. If something does not work properly after updates, see Repair failed installations of Exchange Cumulative and Security updates.
Known issues with this release:
Certain piped cmdlets (for example, Get-MailboxDatabase | Get-Mailbox) might fail on Management Tools only machines. More details and a possible workarounds can be found in the Serialized Data Signing feature documentation.
How to get and install the update
Method 1: Microsoft Update
This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.
Method 2: Microsoft Update Catalog
To get the standalone package for this update, go to the Microsoft Update Catalog website.
Method 3: Microsoft Download Center
You can get the standalone update package through the Microsoft Download Center.
- Security Update For Exchange Server 2019 CU12 SU11 (KB5032146)
- Security Update For Exchange Server 2019 CU13 SU4 (KB5032146)
- Security Update For Exchange Server 2016 CU23 SU11 (KB5032147)
Reach out to Messageware to improve your Microsoft Exchange Server Security
If you are not protecting all the protocols used by your Exchange Server, you’re putting your company at a higher risk of a data breach.
Security incidents happen frequently. They cause disruption, loss of data and potentially risk the reputation of your company. However, if you implement these steps, you’re doing more than most other companies.
Have you heard about Messageware’s EPG that offers advanced Exchange Server security to protect organizations from a variety of logon and password attacks, as well as extensive real-time reporting and alerts of suspicious logon activity? Click here to learn more.