This past week, security researchers discussed several ProxyShell vulnerabilities, including those which might be exploited on unpatched Exchange servers to deploy ransomware or conduct other post-ex...
Updated Aug 26, 2021
Version 2.0
Blog Post
In case they failed to emphasize this enough. They are not providing a patch for this for all installations of Exchange 2019. If you have not installed a recent CU, you will not receive the patch, and you will be vulnerable, and likely be attacked.
Yeah, it would be nice if Exchange was updated like every other MS product I know of - check for updates, and if none are available, then you are up to date.
And the "Cumulative Updates" aren't updates, they are upgrades that require backup and reinstallation of Exchange.
So, why in the world would MS take a step backwards and force you to manually reinstall Exchange in order to receive critical security updates? Why in the world would MS provide patches for this for some CUs for Exhange 2016 and not for all CUs of Exchange 2019?