Blog Post
LukasSMSFT
Microsoft
Aug 15, 2022

@jakobschaefer The certificate which is used on the device between the clients and the Exchange servers must be assigned to the web services (IIS). This is required as the hash of the certificate - which is used to establish the TLS session - will be used as the Channel Binding Token (CBT). If the hash doesn't match and Extended Protection is enabled on Exchange, the connection will not be considered trusted, and your clients will no longer be able to connect.
Regarding archiving: I can't share more details on this yet as this is being actively investigated. We will update this blog post and the Extended Protection documentation as soon as we have more information regarding this topic.
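The check implied by the comment above, as an added example that is not part of the blog post or Microsoft's own tooling: connect to the client-facing name (the load balancer) over TLS, read the thumbprint of the leaf certificate it presents, and compare it with the certificate Exchange has assigned to the IIS service on a mailbox server. Because the Channel Binding Token is derived from the hash of the TLS certificate, a mismatch here is exactly the condition under which Extended Protection rejects the connection. The host name `mail.contoso.com`, the function name `Get-RemoteTlsThumbprint` and the use of `Get-ExchangeCertificate` from an Exchange Management Shell session are assumptions for this illustration.

```powershell
# Added example (not from the blog post or Microsoft). Compares the certificate
# a load balancer presents to clients with the certificate bound to IIS on an
# Exchange server. Run from the Exchange Management Shell on a mailbox server.
# Assumed placeholders: mail.contoso.com (client-facing namespace), port 443.

param(
    [string]$ClientFacingHost = 'mail.contoso.com',   # load balancer VIP / namespace (assumed)
    [int]$Port = 443
)

function Get-RemoteTlsThumbprint {
    param([string]$HostName, [int]$Port)

    $client = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
    try {
        # Accept any chain here: we only want to read the leaf certificate's
        # thumbprint, not validate trust. Do not reuse this callback elsewhere.
        $callback = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $callback)
        # Sends SNI for $HostName so a name-based binding returns the right certificate.
        $ssl.AuthenticateAsClient($HostName)
        $leaf = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        return $leaf.Thumbprint
    }
    finally {
        $client.Close()
    }
}

# Certificate(s) that Exchange has assigned to the IIS service on this server.
$iisCerts = Get-ExchangeCertificate -Server $env:COMPUTERNAME |
    Where-Object { $_.Services -match 'IIS' }

$remoteThumbprint = Get-RemoteTlsThumbprint -HostName $ClientFacingHost -Port $Port

if (@($iisCerts.Thumbprint) -contains $remoteThumbprint) {
    "OK: $ClientFacingHost presents the certificate bound to IIS on $env:COMPUTERNAME ($remoteThumbprint)."
}
else {
    "MISMATCH: $ClientFacingHost presents $remoteThumbprint, but IIS on $env:COMPUTERNAME has: $(@($iisCerts.Thumbprint) -join ', ')"
    "With Extended Protection enabled, the Channel Binding Token will not match and clients will fail to connect."
}
```

Run it once per mailbox server behind the same namespace; every server that answers for that name needs the same certificate bound to IIS, otherwise the CBT check fails for whichever server the load balancer happens to pick.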