Released: February 2023 Exchange Server Security Updates
Published Feb 14 2023 10:00 AM 140K Views

Microsoft has released Security Updates (SUs) for vulnerabilities found in:

  • Exchange Server 2013
  • Exchange Server 2016
  • Exchange Server 2019

SUs are available in a self-extracting auto-elevating .exe package, as well as the original update packages (.msp files), which can be downloaded from the Microsoft Update Catalog.

SUs are available for the following specific versions of Exchange Server:

  • Exchange Server 2013 CU23 (note that support and availability of SUs end on April 11, 2023)
  • Exchange Server 2016 CU23
  • Exchange Server 2019 CU11 and CU12 

Note: Build availability issues have been resolved. If your server downloaded the February SU via Windows/ Microsoft update before February 15 8 AM Pacific time, you might see the February update be offered again. Installing the updated package will bring your server forward to current February builds (verify using Health Checker after installation). The Download Center .exe update packages were (and still are) correct.

The February 2023 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Although we are not aware of any active exploits in the wild, our recommendation is to immediately install these updates to protect your environment.

These vulnerabilities affect Exchange Server. Exchange Online customers are already protected from the vulnerabilities addressed in these SUs and do not need to take any action other than updating Exchange servers in their environment.

More details about specific CVEs can be found in the Security Update Guide (filter on Exchange Server under Product Family).

Update installation

The following update paths are available:

FEB2023SUpath.png

Known issues with this release

Issues resolved in this release

FAQs

Our organization is in Hybrid mode with Exchange Online. Do we need to do anything?
Exchange Online is already protected, but this SU needs to be installed on your Exchange servers, even if they are used only for management purposes. If you change the auth certificate after installing the February 2023 SU, you should re-run the Hybrid Configuration Wizard.

The last SU we installed is a few months old. Do we need to install all SUs in order, to install the latest one?
SUs are cumulative. If you are running a CU supported by the SU, you do not need to install all SUs in sequential order; simply install the latest SU. Please see this update FAQ blog post for more information.

Do we need to install SUs on all Exchange Servers within our organization? What about ‘Management Tools only’ machines?
Our recommendation is to install Security Updates on all Exchange Servers as well as servers or workstations running Exchange Management Tools only, which will ensure that there is no incompatibility between management tools clients and servers.

Updates to this post:

  • 3/3/2023: Added the resolved issue for customers who were blocked from enabling Extended Protection and using archiving
  • 3/2/2023: Added a known issue related to ECP add-ins page and non-default applications
  • 2/17/2023: Linked to the new KB article talking about the EWS crash
  • 2/16/2023: Clarification that we recommend that customers impacted by the EWS crash keep the February SU installed and implement the posted workaround
  • 2/16/2023: Clarified the EWS crash workaround
  • 2/16/2023: Added a known issue related to EWS crash and the workaround
  • 2/15/2023: Updated the note about download availability; all update packages should now be correct.
  • 2/15/2023: Added a note that there is a build availability problem; please use Download Center until this is resolved.

The Exchange Server Team

199 Comments
Copper Contributor

Hi Team,

does this update enable Power Shell serialization signing by default if we install directly the Exchange 2019 servers that doesn’t have Jan 2023 SU installed? If NOT

does it mandatory to have PS serialization signing enable on the Exchange servers after install Feb 2023 SU?

thanks, 

Microsoft

@maafraz No, this feature is not enabled by default at this time. It is not a mandatory feature, it is recommended.

Steel Contributor

Hi @Nino Bilic , 

 

Has the Queue Viewer issue after enabling the Serialized Data Signing feature been fixed? 

Please advise

Thanks!

Microsoft

@ceantuco Nope. Please see "Known issues" and "Issues resolved in this update" in the blog post above. I want to be clear that this (Queue Viewer) issue is related to certificate signing feature and not the SU.

Copper Contributor

Thanks Nino for prompt response

although it’s an optional feature, does it require to enable this feature to protect System from all listed vulnerabilities till date?

Thanks,

 

Steel Contributor

Thanks @Nino Bilic any idea when will it be fixed? 

Microsoft

@ceantuco Nothing to announce on that as of yet. Working on it...

Steel Contributor

@Nino Bilic Thanks! 

Microsoft

@maafraz No, there is not a specific CVE that requires turning this feature on to address a vulnerability. As of now, Serialized Data Signing of PowerShell payload is a "defense in depth" feature. BTW - when in doubt, always run Health Checker, it'll tell you if anything is needed to address any specific CVEs: https://aka.ms/ExchangeHealthChecker 

Copper Contributor

Is requiring SU's to be installed on mgmt tools only systems, new guidance?  I always thought CU's were needed for mgmt tools, but not SU's.

Copper Contributor

Hey @Nino Bilic , The Microsoft Update Catalog shows update KB5023038 for Ex2013 but when you click to download it, the file is KB5022188.

Microsoft

@doogie412 As we have been making changes to management tools also in SUs (for example, PowerShell payload certificate signing) - we have now spelled out the guidance that SUs should be installed on all machines. Otherwise, there could be incompatibilities between a (possibly much older) client and the server.

Microsoft

@jmiller345 Thank you - we are working on this... in the mean time - please use the download center packages.

Copper Contributor

@Nino Bilic How is it possible after 8 hours Microsoft still has the incorrect update package in the catalog?

 

 

Brass Contributor

In regards to mgmt tools is there a certain command to run. Only did it for CUs so might have missed SU procedure.

for CU I believe it is setup.exe /m:upgrade /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF

Brass Contributor

Hello Exchange Team

 

I know this is not directly related to Exchange server, but I just finished installing Security Update for Windows Server 2022 21H2 that Exchange 2019CU12 is installed on and

the February 14, 2023—KB5022842 (OS Build 20348.1547) security update also installs another patch KB5022947 for which there is no KB article available, would it be possible to notify Windows Team and let us know what that Security Update patch is as per following screen

 

Source Description HotFixID InstalledBy InstalledOn
------ ----------- -------- ----------- -----------
Computer1 Update KB5022507 NT AUTHORITY\SYSTEM 2/15/2023 12:00:00 AM
Computer1 Security Update KB5012170 2/5/2023 12:00:00 AM
Computer1 Security Update KB5022842 NT AUTHORITY\SYSTEM 2/15/2023 12:00:00 AM
Computer1 Update KB5020373 1/6/2023 12:00:00 AM
Computer1 Security Update KB5022947 Computer1\Administrator 2/15/2023 12:00:00 AM

 

thank you

Copper Contributor

Installed SU on EX2016 CU23 via Windows Update. After restart, update KB5023038 shows as installed.

 

Healthcheck script still tells me that I am not running the latest SU. Reports build number as 15.1.2507.18. 

 

https://learn.microsoft.com/en-us/exchange/new-features/build-numbers-and-release-dates?view=exchser... shows that build number should be 15.1.2507.21. Previous SU build number is 15.1.2507.17.

Copper Contributor

@ScottKnightsI have the same result. Healthchecker checks version 15.1.2507.21. There is a git checkin from Microsoft yesterday with this change.

 

Yesterday the version number was 15.1.2507.17, now 15.1.2507.18 on Microsoft Exchange 2016 CU23. Installed by Windows Update.

Microsoft

@adixro the procedure on management tools machine is the same as on a mailbox server. Just install the SU via Microsoft Update or by running the .exe package. That's it.

Copper Contributor

@ScottKnightsI have the same result. Yesterday the build number was 15.1.2507.17. Today the build number is 15.1.2507.18. Healthchecker checks on version 15.1.2507.21. There is a git repository checkin from Microsoft that changed the version number to 15.1.2507.21.

Brass Contributor

After applying Feb SU I see lots of ASP.NET (1325) and WAS (5011) errors. It started right after installation has finished. Tried to recycle AppPool, IISReset and even Server reboot. Nothing helps.

 

Event ID 1325, ASP.NET 4.0.30319.0

Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Application ID: /LM/W3SVC/2/ROOT/EWS Process ID: 14692 Exception: Microsoft.Exchange.Diagnostics.BlockedDeserializeTypeException Message: Deserialization of type System.MarshalByRefObject blocked due to InDeny at location ClientExtensionCollectionFormatter. StackTrace: bei Microsoft.Exchange.Diagnostics.ChainedSerializationBinder.EnforceBlockReason(BlockReason blockReason, String typeName) bei Microsoft.Exchange.Diagnostics.ChainedSerializationBinder.BindToType(String assemblyName, String typeName) bei System.Runtime.Serialization.Formatters.Binary.ObjectReader.Bind(String assemblyString, String typeString) bei System.Runtime.Serialization.Formatters.Binary.ObjectReader.GetType(BinaryAssemblyInfo assemblyInfo, String name) bei System.Runtime.Serialization.Formatters.Binary.ObjectMap..ctor(String objectName, String[] memberNames, BinaryTypeEnum[] binaryTypeEnumA, Object[] typeInformationA, Int32[] memberAssemIds, ObjectReader objectReader, Int32 objectId, BinaryAssemblyInfo assemblyInfo, SizedArray assemIdToAssemblyTable) bei System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryObjectWithMapTyped record) bei System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run() bei System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage) bei System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage) bei Microsoft.Exchange.Data.ApplicationLogic.Extension.ClientExtensionCollectionFormatter.Deserialize(Stream serializationStream) bei Microsoft.Exchange.Data.ApplicationLogic.Extension.OrgExtensionSerializer.TryDeserialize(IUserConfiguration userConfiguration, OrgExtensionRetrievalResult& result, Exception& exception) bei Microsoft.Exchange.Data.ApplicationLogic.Extension.CachedOrgExtensionRetriever.TryDeserializeExtensionsFromCache(OrgExtensionRetrievalResult& deserializationResult) bei Microsoft.Exchange.Data.ApplicationLogic.Extension.CachedOrgExtensionRetriever.Retrieve(OrgExtensionRetrievalContext context) bei Microsoft.Exchange.Data.ApplicationLogic.Extension.OrgExtensionDataGetter.GetAllOrgExtensionData(OrgExtensionRetrievalContext context) bei Microsoft.Exchange.Data.ApplicationLogic.Extension.OrgExtensionTable.GetOrgExtensions(IOrgExtensionDataGetter orgExtensionDataGetter, OrgExtensionRetrievalContext retrievalContext, Boolean shouldRetrievePrivateCatalogExtensions, Boolean retrieveOnly1_0) bei Microsoft.Exchange.Data.ApplicationLogic.Extension.InstalledExtensionTable.GetOrgProvidedExtensions(HashSet`1 requestedExtensions, Boolean shouldReturnEnabledOnly, Dictionary`2 masterTableExtensions, Boolean isDebug, Boolean shouldRetrievePrivateCatalogExtensions, String& orgMasterTableRawXml, Boolean shouldReturnECPAddins) bei Microsoft.Exchange.Data.ApplicationLogic.Extension.InstalledExtensionTable.GetProvidedExtensions(HashSet`1 requestedExtensions, Boolean shouldReturnEnabledOnly, Dictionary`2 masterTableExtensions, Boolean isDebug, Boolean shouldRetrievePrivateCatalogExtensions, String& orgMasterTableRawXml, Boolean shouldReturnECPAddins) bei Microsoft.Exchange.Data.ApplicationLogic.Extension.InstalledExtensionTable.GetExtensions(HashSet`1 requestedExtensions, Boolean shouldReturnEnabledOnly, Boolean shouldFailOnGetOrgExtensionsTimeout, Boolean isDebug, String& orgMasterTableRawXml, CultureInfo culture, Boolean filterOutDuplicateMasterTableExtensions, Boolean shouldRetrievePrivateCatalogExtensions, MultiValuedProperty`1 capabilities, Boolean shouldReturnECPAddins) bei Microsoft.Exchange.Services.Wcf.GetExtensibilityContext.GetExtensions(ICallContext callContext, Boolean isUserScope, Boolean shouldReturnEnabledOnly, Boolean shouldFailOnGetOrgExtensionsTimeout, OrgEmptyMasterTableCache orgEmptyMasterTableCache, ExtensionsCache extensionsCache, HashSet`1 requestedExtensions, Boolean isRawXmlRequired, Boolean shouldRetrievePrivateCatalogExtensions, Nullable`1 orgExtensionVersion, Boolean checkForExpiryOfUserCacheOfOrgExtensions, String& masterTableRawXml, Boolean retrieveOnly1_0, Boolean filterOutDuplicateMasterTableExtensions, Version apiVersionSupported, Boolean shouldReturnECPAddins) bei Microsoft.Exchange.Services.Core.GetAppManifests.GetExtensionDataList(HashSet`1 privateCatalogAddIns, Version schemaVersionSupported, Boolean shouldIncludeAllInstalledAddIns, Boolean shouldReturnECPAddins) bei Microsoft.Exchange.Services.Core.GetAppManifests.<>c__DisplayClass12_0.<ExecuteGetAppManifests>b__0() bei Microsoft.Exchange.Data.ApplicationLogic.Extension.InstalledExtensionTable.RunClientExtensionAction(Action action) bei Microsoft.Exchange.Services.Wcf.GetExtensibilityContext.RunClientExtensionAction(Action action, Exception& exception) bei Microsoft.Exchange.Services.Core.GetAppManifests.ExecuteGetAppManifests(Exception& clientExtensionException) bei Microsoft.Exchange.Services.Core.GetAppManifests.Execute() bei Microsoft.Exchange.Services.Core.ExceptionHandler`1.Execute(IRequestDetailsLogger logger, CreateServiceResult createServiceResult, Int32 index, ExecutionOption executionOption) bei Microsoft.Exchange.Services.Core.BaseStepServiceCommand`3.InternalExecuteStep(Boolean& isBatchStopResponse) bei Microsoft.Exchange.Services.Core.ServiceCommandBase`1.<ExecuteStep>b__82_0() bei Microsoft.Exchange.Services.Core.ServiceCommandBase`1.<>c__DisplayClass88_0.<ExecuteHelper>b__0() bei Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func`2 filterDelegate, Action`1 catchDelegate) bei Microsoft.Exchange.Services.Core.ServiceDiagnostics.SendWatsonReportOnUnhandledException(ICallContext callContext, Action methodDelegate) bei Microsoft.Exchange.Services.Core.ServiceCommandBase`1.ExecuteHelper(Func`1 action) bei Microsoft.Exchange.Services.Core.Types.ServiceTask`1.<>c__DisplayClass11_0.<ExecuteHelper>b__0() bei Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func`2 filterDelegate, Action`1 catchDelegate) bei Microsoft.Exchange.Services.Core.Types.BaseServiceTask`1.SendWatsonReportOnGrayException(Action callback, Action exceptionHandlerCallback, Boolean isGrayExceptionTaskFailure) bei Microsoft.Exchange.Services.Core.Types.ServiceTask`1.ExecuteHelper(Func`1 multiStepAction) bei Microsoft.Exchange.Services.Core.Types.ServiceTask`1.<InternalExecute>b__7_0() bei Microsoft.Exchange.Diagnostics.RequestDetailsLoggerBase`1.TrackLatency[TResult](Enum latencyMetadata, Func`1 method) bei Microsoft.Exchange.Diagnostics.RequestDetailsLoggerBase`1.TrackLatency[TResult](Enum latencyMetadata, Func`1 method, Double& latencyValue) bei Microsoft.Exchange.Services.Core.Types.ServiceTask`1.InternalExecute(TimeSpan queueAndDelay, TimeSpan totalTime) bei Microsoft.Exchange.Services.Core.Types.BaseServiceTask`1.<>c__DisplayClass33_0.<Execute>b__0() bei Microsoft.Exchange.Services.Core.Types.BaseServiceTask`1.LocalTimedCall(Action action) bei Microsoft.Exchange.Services.Core.Types.BaseServiceTask`1.ExecuteWithinCallContext(Action action) bei Microsoft.Exchange.Services.Core.Types.BaseServiceTask`1.Execute(TimeSpan queueAndDelayTime, TimeSpan totalTime) bei Microsoft.Exchange.Services.Core.Types.BaseServiceTask`1.ExecuteLoop(Boolean synchronously) bei System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) bei System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch()

 

EventID 5011, WAS

Schwerwiegender Kommunikationsfehler im Windows-Prozessaktivierungsdienst bei einem Prozess für den Anwendungspool "MSExchangeServicesAppPool". Die Prozess-ID ist "14692". Das Datenfeld enthält die Fehlernummer.

 

HealthChecker shows no errors and installed SU:

Version: Exchange 2016 CU23 Feb23SU
Build Number: 15.01.2507.021

 

Clients don't seem to be affected though. Any help is much appreciated.

Copper Contributor

Still no fix for this issue:

Customers using a Retention Policy containing Retention Tags which perform Move to Archive actions should not configure Extended Protection, as enabling Extended Protection will cause automated archiving to stop working.

 

Brass Contributor

Regarding my previous post: Outlook Search is not working anymore. "something went wrong..." and "connection problem".

Microsoft

@nak_87 how did you install the February 2023 SU. Via Microsoft Update or by running the .exe update package?

Brass Contributor

@Lukas Sasslby running .exe package (Exchange2016-KB5023038-x64-de.exe).

Copper Contributor

I don't see the latest MSP file in the Microsoft Update catalog, can anyone advise the correct location?

Microsoft

@mvsamson yes, they are intentionally not available at the moment. You can use the download center .exe packages in the meantime.

Copper Contributor

@Lukas Sassl  please tell us whats going wrong with the build numbers!

Copper Contributor

Installed the update on four DAG members via WSUS; like the onetrillion times before. File Activemonitoringeventmsg.dll is dated from December 2022.

Healthchecker is not happy at all. Says that the update isn't installed.

Exchange Information
--------------------
        Name: $ExchangeServer$
        Generation Time: 02/15/2023 14:27:34
        Version: Exchange 2016 CU23
        Build Number: 15.01.2507.018
        Exchange IU or Security Hotfix Detected:
                Security Update for Exchange Server 2016 Cumulative Update 23 (KB5014261)
                Security Update for Exchange Server 2016 Cumulative Update 23 (KB5015322)
                Security Update for Exchange Server 2016 Cumulative Update 23 (KB5019077)
                Security Update for Exchange Server 2016 Cumulative Update 23 (KB5019758)
                Security Update for Exchange Server 2016 Cumulative Update 23 (KB5022143)
                Not on the latest SU. More Information: https://aka.ms/HC-ExBuilds

Windows says it has installed the update:

Installation erfolgreich: Das folgende Update wurde installiert. Security Update For Exchange Server 2016 CU23 (KB5023038)

Please advice @Lukas Sassl 

Copper Contributor

@DaSven The update catalog had the incorrect file uploaded, when you installed from WSUS it did not install KB5023038, it installed KB5022188. See Jmiller345's post above and Nino's response. 

 
 

 

Brass Contributor

On servers running Exchange Management Tools only the command "Get-ExchangeCertificate" still returns blank results. This is not listed under known issues. Are you working at that problem too or did you forget it?

Microsoft

@DaSven I added a note to the blog now on this but: Windows Update is currently delivering a later version of January 2023 update. This is going to be addressed shortly. Then later today, Windows Update will get the actual February 2023 update bits so there will be another February update for customers who are getting updates from Windows / Microsoft Update. Yes, mistakes were made, but your server is not in an unknown state and will get back on track once new builds are available and are installed (but this will be a new update installation, yes) and then Health Checker will show it all updated.

EDIT: this has now been resolved, please see updated note in the blog post above.

Copper Contributor


UPDATE: seems like i was able to fix this by toggling one of the add-ins disable/enable in EAC and that allowed users to display the manage add-in page in OWA

---
anybody else have their OWA add-ins disappear after this update?

add-ins in the outlook fat client seem to still work, but are no longer showing up in OWA

looking at manage add-ins just spins with a loading message

Screen Shot 2023-02-15 at 8.06.56 AM.pngScreen Shot 2023-02-15 at 8.06.34 AM.png

Brass Contributor

Updated manually 2 servers with Exchange 2016 CU23 + Jan23SU:

1. HealthChecker.ps1 shows version .21

2. EAC show .17 for 1 server and .18 for another. 2 reinstall didn't change anything.

3. Get-HealthReport shows only Monitoring Unhealthy

4. Application logs full of errors on both servers

 

An unhandled exception occurred and the process was terminated.

Application ID: /LM/W3SVC/2/ROOT/EWS

Process ID: 34516

Exception: Microsoft.Exchange.Diagnostics.BlockedDeserializeTypeException

Message: Deserialization of type System.MarshalByRefObject blocked due to InDeny at location ClientExtensionCollectionFormatter.

 

5. Server-side search in Outlook is broken.

6. Scheduling assistant "think" 20-30 seconds before display calendars (before update it was immediate, system is on SSD).

7. Edit add-ins in OWA broken too...

"Great" work, MS :(

How to fix this mess?

Brass Contributor

@Renat Matveevsame error as well and ews services constantly starting about twice per minute. (The Exchange Web Services started successfully.) OUtlook for mac might be affected

Copper Contributor

@Renat Matveev  same problems here.

It takes several seconds up to minutes to open an additional calendar in Outlook. Sometimes it fails completely.

 

Directly after installing the update, the event viewer logfiles starts filling with errors.

system-Log Warning; Source: WAS, ID: 5011
application-Log Error; Source: ASP.NET 4.0.30319.0, ID: 1325

 

Exchange 2016 CU 23 + Jan23SU; DAG; manually update in maintenance mode.

Brass Contributor

Yes, my macOS users also complains because of EWS broken after updates. Most of them can't send mails

Brass Contributor

@Renat Matveev @Nino Bilic Anything using EWS is affected (OUtlook MAC/Apple Mail disconnected, add-ons).

 

MSExchangeServicesAppPool is constantly crashing

 

The Exchange Web Services started successfully.

 

An unhandled exception occurred and the process was terminated.

Application ID: /LM/W3SVC/2/ROOT/EWS

Process ID: 36180

Exception: Microsoft.Exchange.Diagnostics.BlockedDeserializeTypeException

Message: Deserialization of type System.MarshalByRefObject blocked due to InDeny at location ClientExtensionCollectionFormatter.

 

A process serving application pool 'MSExchangeServicesAppPool' suffered a fatal communication error with the Windows Process Activation Service. The process id was '28172'. The data field contains the error number.

Brass Contributor

After installing the February 2023 SU on two of our four Exchange 2016 CU23 servers that were already running the January 2023 SU, we had problems with POP and IMAP that we were able to overcome.  Due to later reports of problems with Mac clients and search, however, we are now uninstalling the February 2023 SU.

Brass Contributor

@Robert_Blissitt1930Hi Robert, please keep us posted about the Feb SU uninstall. I assume you might have to apply the Jan SU since SUs are cumulative.

Brass Contributor

@adixro , According to Control Panel / Installed Updates, Exchange reverted to the January SU after I uninstalled the February SU.  I thought I would have to reinstall the January SU, but apparently not...

Brass Contributor

@Robert_Blissitt1930Thanks for the feedback. Did you just uninstalled it via Control Panel?

Brass Contributor

@adixro Yes, we're still running Exchange 2016 on Windows 2012 R2 and migrating the remainder of our mailboxes to M365 now.

Microsoft

@adixro and @Robert_Blissitt1930 We are not able to reproduce the crashes with EWS but have received a support ticket with it. The issue is being investigated. The bottom line is - definitely not every install will have this problem. It never cropped up in weeks of testing internally either. But obviously - something is going on. We will update when we know more, at this point I simply do not have anything more to share.

Microsoft

Should Monthly Security Updates be installed before or after the Exchange SU?

Microsoft

@nak_87 @Renat Matveev regarding the search: Can you please check if the Microsoft Exchange Search service is up and running?

Copper Contributor

Hi, we have the same problems with EWS on WinServer2016 (Patchlevel Jan2023) and latest CU for Exchange 2016. All clietns which uses EWS are broken, f.e. Teams, MacMail and Evolution. We rolled the update back as we need EWS. Is there any workaround already available? Regards Enno

Brass Contributor

Also have the issue with EWS... MACs are struggling, EWS dependent services are down. Errors 1325 in event viewer...

Exchange 2016 CU23 with Jan update (now with Feb update, obviously).

 

Really hope for a solution ASAP

Copper Contributor

I installed the latest Exchange CU23 update today via Windows Update and it broke my mail flow from external users.  

I uninstalled the Security Update and rebooted (took 1hr) and mail flow resumed.

It's showing me Version 15.1 ‎(Build 2507.18)‎.

Looks like CU23 got installed via Windows Update?  Last time I installed a CU manually was 5/12/2022.

Should I try to install the update again via the exe? 

Gawd, I can't wait to move this to the cloud! lol

Brass Contributor

@Lukas Sassl  Microsoft Exchange Search is up and running. I figured out that after IIS Reset the search works for a couple of minutes but once EWS crashes (ASP.NET 4.0.30319.0, ID: 1325; WAS, ID: 5011) it stops working. EWS crashing, along with ASP.NET error, happens every 1-2 minutes.

Yesterday I manually reinstalled FebSU (.exe Package) but nothing has changed.

Co-Authors
Version history
Last update:
‎Mar 03 2023 09:53 AM
Updated by: