Microsoft has released Security Updates (SUs) for vulnerabilities found in:
Exchange Server 2013
Exchange Server 2016
Exchange Server 2019
SUs are available in a self-extracting auto-elev...
Updated Dec 01, 2022
Version 9.0
Blog Post
@NinoBilic
Good morning Nino. We always do a reboot before the patch and then reboot after the patch. With an Exchange SU along with Windows Server patches, we make 2 passes: one to install the Windows Server patches and another pass to install the Exchange SU. For both passes there is a server reboot before and after the installation of the patches. Finally after the monthly patches are applied, the HealthChecker script is run.
On our production servers without Extended Protection applied that had all November patches applied this past weekend, the 11.11 HealthChecker and also the 11.14 HealthChecker scripts do not indicate the pending reboot.
However the servers in our QA lab, patched in the same manner displayed a pending reboot after Extended Protection was enabled. The servers were rebooted after the November patches and the HealthChecker (11.11 version) did not indicate a pending reboot. It was only after the enabling of Extended Protection that running the HealthChecker again (self updated to the 11.14 version) that the pending reboot displayed within the script results. After the reboot, the pending reboot notice in the script results went away indicating no pending reboots.
__PRESENT