Blog Post

Exchange Team Blog

6 MIN READ

Released: May 2022 Exchange Server Security Updates

Platinum Contributor

May 10, 2022

Microsoft has released security updates (SUs) for vulnerabilities found in: Exchange Server 2013 Exchange Server 2016 Exchange Server 2019 IMPORTANT: Starting with this release of Securit...

Updated May 27, 2022

Version 21.0

Platinum Contributor

Joined April 19, 2019

View Profile

Exchange Team Blog

You Had Me at EHLO.

anish johnes

Copper Contributor

Jun 16, 2022

Hi, We are running Exchange 2013 CU23. I have installed the May 2022 SU and prepared the domain as documented. When executing the latest Exchange Health Script it still says we are vulnerable "CVE-2022-21978 Install the May 2022 SU and run /PrepareDomain or /PrepareAllDomains - See: https://aka.ms/HC-May22SU". Someone had pointed out before that check for Exchange 2013 is not in place in the script ??

if ((($SecurityObject.MajorVersion -le [HealthChecker.ExchangeMajorVersion]::Exchange2016) -and
($SecurityObject.CU -le [HealthChecker.ExchangeCULevel]::CU23)) -or
(($SecurityObject.MajorVersion -eq [HealthChecker.ExchangeMajorVersion]::Exchange2019) -and
($SecurityObject.CU -le [HealthChecker.ExchangeCULevel]::CU12)) -and
($SecurityObject.ServerRole -ne [HealthChecker.ExchangeServerRole]::Edge)) {
Write-Verbose "Testing CVE: CVE-2022-21978"