Microsoft has released Security Updates (SUs) for vulnerabilities found in:
Exchange Server 2013
Exchange Server 2016
Exchange Server 2019
SUs are available in a self-extracting auto-elev...
Updated Sep 18, 2023
Version 9.0
Blog Post
Another interesting blog post. Within a day or two of this blog post appearing:
"signing of serialization payload feature is not recommended at this time if Exchange Server 2013 is present in the organization"
"Exchange 2013 Queue Viewer tool breaking"
"Exchange services might not start automatically if update is installed"
After following the guidance in this blog post it is reported "Health checker ... I keep seeing CVE errors"
Just curious. Before these SUs and recommendations are released, they are tested by people that have practical experience deploying Exchange servers and if there were any issues with the SU or Certificate Signing or the HealthChecker, the issues would of course be resolved first or noted in the original blog post as known issues. Right ? It wouldn't make sense to expose anyone's production environment to these problems and waste their time testing, troubleshooting, reporting, opening support cases, would it ? We don't want to see Exchange on-prem customers take on the role of beta testers, do we ?