Blog Post

Exchange Team Blog
6 MIN READ

Released: March 2023 Exchange Server Security Updates

The_Exchange_Team's avatar
The_Exchange_Team
Platinum Contributor
Mar 14, 2023
Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 SUs are available in a self-extracting auto-elev...
Updated May 08, 2023
Version 22.0
announcements
Exchange 2013
exchange 2016
exchange 2019
on premises
security
setup
Nino_Bilic's avatar
Nino_Bilic
Icon for Microsoft rankMicrosoft
Mar 15, 2023

rhupf Please also make sure to check the FAQ that now exists on the script: https://microsoft.github.io/CSS-Exchange/Security/CVE-2023-23397/FAQ/ - if there are issues with the script the best way to file issues is via GitHub (the team who can do something about it will be there). But yes, it is Exchange team script so we can discuss it here.

Dennisdsmolinski The workarounds from last month were mainly to prevent EWS crash. As you install March SU, remove the workarounds. It is OK if you remove the workaround after all servers are updated (as if you used the global override, it would apply to all servers). I would then not remove the workaround until all machines are updated as (I am assuming) your organization was impacted by EWS crash in February, and if you removed the override, it could cause the machines that are still on Feb SU to start crashing...