Released: November 2021 Exchange Server Security Updates

Published Nov 09 2021 10:01 AM 143K Views

Microsoft has released security updates for vulnerabilities found in:

  • Exchange Server 2013
  • Exchange Server 2016
  • Exchange Server 2019

These updates are available for the following specific builds of Exchange Server:

IMPORTANT: If manually installing security updates, you must install .msp from elevated command prompt (see Known Issues in update KB article).

The November 2021 security updates for Exchange Server address vulnerabilities reported by security partners and found through Microsoft’s internal processes. We are aware of limited targeted attacks in the wild using one of vulnerabilities (CVE-2021-42321), which is a post-authentication vulnerability in Exchange 2016 and 2019. Our recommendation is to install these updates immediately to protect your environment.

These vulnerabilities affect on-premises Microsoft Exchange Server, including servers used by customers in Exchange Hybrid mode. Exchange Online customers are already protected and do not need to take any action.

More details about specific CVEs can be found in Security Update Guide (filter on Exchange Server under Product Family).

Update installation

Two update paths are available:

Nov2021SUpath.jpg

Inventory your Exchange Servers / determine which updates are needed

Use the Exchange Server Health Checker script (use the latest release) to inventory your servers. Running this script will tell you if any of your Exchange Servers are behind on updates (CUs and SUs).

Update to the latest Cumulative Update

Go to https://aka.ms/ExchangeUpdateWizard and choose your currently running CU and your target CU to get directions for your environment.

If you encounter errors during or after installation of Exchange Server updates

If you encounter errors during installation, see the SetupAssist script. If something does not work properly after updates, see Repair failed installations of Exchange Cumulative and Security updates.

Known issues with update

FAQs

We installed November 2021 SU on our Exchange 2016/2019 servers. Is there something that we can check to see if exploit was attempted on our servers before the fix for CVE-2021-42321 was put in place?
Run the following (updated) PowerShell query on your Exchange server to check for specific events in the Event Log:

Get-WinEvent -FilterHashtable @{ LogName='Application'; ProviderName='MSExchange Common'; Level=2 } | Where-Object { $_.Message -like "*BinaryFormatter.Deserialize*" }

If events are found, please work with your Security Response team to analyze the server further.

Did Microsoft release a CVE-2021-42321 mitigation via either Exchange Server Emergency Mitigation Service or the stand-alone EOMT tool?
We have not released mitigations for this vulnerability. Please update your servers to resolve the vulnerability.

Will Microsoft be releasing November 2021 SUs for older (unsupported) versions of Exchange CUs?
No. Please update to one of the supported CUs to be able to install November SUs.

My organization is in Hybrid mode with Exchange Online. Do I need to do anything?
While Exchange Online customers are already protected, the November 2021 security updates do need to be applied to your on-premises Exchange Servers, even if they are used only for management purposes. You do not need to re-run the Hybrid Configuration Wizard (HCW) after applying updates.

Do I need to install the updates on ‘Exchange Management Tools only’ workstations?
Servers or workstations running only Microsoft Exchange Management Tools (no Exchange services) do not need to apply these updates.

Updates to this blog post:

  • 11/24: Added a link to a KB article talking about workarounds for OWA redirection doesn't work after installing November 2021 security updates for Exchange Server 201...
  • 11/15: Added a known issue with November security update on Windows domain controllers, and solution
  • 11/11: Added a known issue with OWA redirect for hybrid customers
  • 11/10: Added a FAQ about mitigations
  • 11/10: Changed the PowerShell query for event searches from an older Get-EventLog to a newer and more performant Get-WinEvent.
  • 11/10: Changed the known issue wording to indicate that WSUS issue related to installation of Exchange 2013 November SU has now been resolved. If you use WSUS, please download the updated WSUS cab file.
  • 11/9: When this post got originally published, we incorrectly mentioned that Microsoft Update (MU) installation could lead to an error when Exchange 2013 SU was installed. This has now been corrected to mention Windows Server Update Services (WSUS) instead (which is where the problem is.)

The Exchange Team

155 Comments
%3CLINGO-SUB%20id%3D%22lingo-sub-2944430%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2944430%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20we%20directly%20deploy%20November%202021%20update%20without%20deploying%20October%202021%20update.%20We%20had%20completed%20the%20September%202021%20update%20and%20were%20planning%20to%20complete%20the%20October%202021.%3C%2FP%3E%3CP%3ESo%20customers%20who%20have%20deployed%20September%202021%20update%20and%20updated%20the%20schema%20can%20update%20to%20November%202021%20update.%3C%2FP%3E%3CP%3EPlease%20advise.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%2C%3C%2FP%3E%3CP%3EAjit%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2944481%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2944481%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F88801%22%20target%3D%22_blank%22%3E%40Michael%20Hincapie%3C%2FA%3E%26nbsp%3BYeah%2C%20the%20WSUS%20problem%20is%20unfortunate%2C%20but%20we%20should%20have%20this%20resolved%20soon%20here.%20Sigh.%20Not%20great%20but%20hang%20in%20there!%20Microsoft%20Update%20(MU)%20should%20work%2C%20though.%20Also%20note%20that%20the%20WSUS%20issue%20impacts%20only%20Exchange%202013%20(not%20Exchange%202016%20%2F%202019%20which%20are%20the%20versions%20highlighted%20in%26nbsp%3BCVE-2021-42321).%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2944441%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2944441%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F219434%22%20target%3D%22_blank%22%3E%40Ajit%20Terdalkar%3C%2FA%3E%26nbsp%3BYes%20you%20can%20install%20November%20SU%20directly%20on%20top%20of%20CUs%20that%20it%20supports%3B%20installation%20of%20October%20SU%20is%20not%20a%20requirement%20for%20a%20later%20SU.%20All%20our%20SUs%20are%20cumulative%20since%20the%20last%20CU%20they%20are%20for.%20For%20more%20details%20of%20how%20this%20updating%20works%2C%20please%20see%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fexchange-team-blog%2Fwhy-exchange-server-updates-matter%2Fba-p%2F2280770%22%20target%3D%22_blank%22%3EWhy%20Exchange%20Server%20updates%20matter%20-%20Microsoft%20Tech%20Community%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2945699%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2945699%22%20slang%3D%22en-US%22%3E%3CP%3EI%20am%20with%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1213377%22%20target%3D%22_blank%22%3E%40kurt_thomo%3C%2FA%3E%26nbsp%3Bany%20specific%20area%20affected%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ety%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2945873%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2945873%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F5374%22%20target%3D%22_self%22%3E%3CSPAN%20class%3D%22%22%3ENino%20Bilic%20%3C%2FSPAN%3E%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22%22%3EAt%20present%2C%20we%20are%20running%20Exchange%202019%20CU10%20with%20no%20SU%20updated%20installed.%20Planning%20to%20install%20the%20Nov2021%20SU%20update%20for%20Exchange%202019%20CU10.%20In%20this%20case%2C%20later%20%3CSTRONG%3Eif%20I%20install%20the%20CU11%3C%2FSTRONG%3E%2C%20do%20we%20need%20to%20%3CSTRONG%3Ereapply%20the%20Nov2021%20SU%20update%20for%20Exchange%202019%20CU11%3C%2FSTRONG%3E%3F%26nbsp%3B%20(we%20always%20one%20CU%20update%20behind%20due%20to%20NetBackup%20official%20compatibility)%20please%20confirm.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22%22%3EAppreciate%20your%20earliest%20response%20please%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22%22%3EThanks%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946554%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946554%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F859668%22%20target%3D%22_blank%22%3E%40KLukas%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20the%20prompt%20response.%3C%2FP%3E%3CP%3EThis%20mean%20we%20have%20to%20repeat%20the%20Nov2021-SU%20installation%20again%20for%20CU11%20or%20install%20the%20latest%20upcoming%20SU%20for%20CU11%20to%20keep%20protected.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946607%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946607%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20on%20Hybrid%20%2C%20all%20mailboxes%20on%20cloud%20.%3C%2FP%3E%3CP%3EWe%20depend%20on%20On-Premise%20servers%20for%20SMTP-Relay%20connector%20and%20distribution%20group%20only.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWill%20we%20impacted%20with%26nbsp%3B%3CSPAN%3Evulnerabilities%20(%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-42321%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECVE-2021-42321%3C%2FA%3E%3CSPAN%3E)%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946758%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946758%22%20slang%3D%22en-US%22%3E%3CP%3EDear%20team%26nbsp%3B%3CBR%20%2F%3E%3CBR%20%2F%3EAny%20relevant%20info%20to%20%3CSPAN%3EEmergency%20Mitigation%20service%20(EM%20service)%20provide%20by%20previous%20CU%20if%20Exchange%20severs%20not%20apply%20this%20latest%20SU%3F%26nbsp%3B%26nbsp%3B%3CBR%20%2F%3E%3CBR%20%2F%3EThanks%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946904%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946904%22%20slang%3D%22en-US%22%3E%3CP%3EI%20just%20installed%20the%202019%20CU%2011%20SU2%20on%20two%202019%20CU11%20SU1%20servers.%20There%20is%20something%20odd%20with%20the%20file%20version%20numbers%20though.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2Fdescription-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-november-9-2021-kb5007409-7e1f235a-d41b-4a76-bcc4-3db90cd161e7%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2Fdescription-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-november-9-2021-kb5007409-7e1f235a-d41b-4a76-bcc4-3db90cd161e7%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHere%20the%20following%20is%20shown%3A%3C%2FP%3E%3CP%3E%22Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%2010%20Security%20Update%203%22%20shows%20file%20version%20%2215.2.986.11%22%20for%20%22Activemonitoringeventmsg.dll%22.%3C%2FP%3E%3CP%3E%22Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%2011%20Security%20Update%202%22%20shows%20file%20version%20%2215.2.922.19%22%20for%20%22Activemonitoringeventmsg.dll%22.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThat%20should%20be%20the%20other%20way%20around.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946926%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946926%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F848816%22%20target%3D%22_blank%22%3E%40keen120%3C%2FA%3E%26nbsp%3Bplease%20run%20the%20Exchange%20Health%20Checker%20script%20(%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FExchangeHealthChecker%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2FExchangeHealthChecker%3C%2FA%3E)%20to%20validate%20the%20update%20status.%20It%20displays%20the%20build%20number%20and%20security%20update%20information.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EEdit%3A%2F%2F%20Thanks%20for%20reporting%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F848816%22%20target%3D%22_blank%22%3E%40keen120%3C%2FA%3E%26nbsp%3B.%20I'll%20report%20this%20back.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946957%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946957%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F804488%22%20target%3D%22_blank%22%3E%40Johnny_Yao_Taiwan%3C%2FA%3E%26nbsp%3Bno%20mitigation%20has%20been%20released%20for%20the%26nbsp%3BCVE-2021-42321%20vulnerability.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESee%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fexchange-emergency-mitigation-service%3Fview%3Dexchserver-2019%23list-of-mitigations-released%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fexchange-emergency-mitigation-service%3Fview%3Dexchserver-2019%23list-of-mitigations-released%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2947105%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2947105%22%20slang%3D%22en-US%22%3E%3CP%3EThe%20article%20does%20not%20state%20it%20explicitly%2C%20but%20I%20assume%20that%20the%20security%20updates%20are%20targeted%20not%20only%20for%20Mailbox%20servers%20but%20Edge%20Transport%20servers%2C%20too.%20Is%20this%20correct%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2947132%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2947132%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F3842%22%20target%3D%22_blank%22%3E%40Thomas%20Stensitzki%3C%2FA%3E%26nbsp%3Bcorrect%2C%20the%20Security%20Updates%20are%20also%20applicable%20for%20Edge%20Transport%20Servers.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2947387%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2947387%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnyone%20with%20this%20update%2C%20got%20the%20hybrid%20redirection%20link%20broken%3F%20When%20logging%20in%20on-premises%2C%20with%20a%20cloud%20migrated%20mailbox%2C%20it%20shows%20an%20error%20and%20the%20redirection%20link%20is%20missing.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946493%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946493%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1213510%22%20target%3D%22_blank%22%3E%40Afraz1380%3C%2FA%3E%26nbsp%3Bthat's%20correct.%20You%20should%20install%20the%20latest%20SU%20for%20CU11%20to%20stay%20current.%20We%20document%20the%20CU%2FSU%20combinations%20here%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fnew-features%2Fbuild-numbers-and-release-dates%3Fview%3Dexchserver-2019%23%3A~%3Atext%3DExchange%2520Server%25202019%2520%2520%2520%2520Product%2520name%2C%2520%252015.02.0858.012%2520%252023%2520more%2520rows%2520%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EExchange%20Server%20build%20numbers%20and%20release%20dates%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2944453%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2944453%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F5374%22%20target%3D%22_blank%22%3E%40Nino%20Bilic%3C%2FA%3EThank%20you%20for%20the%20information%3B%20I%20always%20appreciate%20the%20fast%20response%20from%20Microsoft%20Team.%20As%20this%20is%20becoming%20a%20normal%20thing%2C%20what%20are%20the%20best%20possible%20ways%20to%20automate%20this%20process%3F%20Would%20the%20automation%20be%20better%20with%20SCCM%3F%20or%20do%20you%20have%20any%20other%20recommendations%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946700%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946700%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20have%26nbsp%3B%3CSPAN%3EExchange%202013%20CU23%2C%20and%20WSUS%2C%20can%20we%20install%20this%20update%3F%20Above%20you%20wrote%20that%20an%20error%20may%20occur%20%22error%200x80070643%20in%20the%20event%20log%2C%20event%20ID%2020%22%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2949528%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2949528%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1214366%22%20target%3D%22_blank%22%3E%40nol12%3C%2FA%3E%26nbsp%3BThe%20Security%20Updates%20are%20only%20available%20for%20the%20latest%20(supported)%20CUs%20as%20stated%20in%20the%20FAQ%20section%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%3CEM%3EWill%20Microsoft%20be%20releasing%20November%202021%20SUs%20for%20older%20(unsupported)%20versions%20of%20Exchange%20CUs%3F%3CBR%20%2F%3E%3C%2FEM%3E%3C%2FSTRONG%3E%3CSPAN%3ENo.%20Please%20update%20to%20one%20of%20the%20supported%20CUs%20to%20be%20able%20to%20install%20November%20SUs.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946789%22%20slang%3D%22en-US%22%3EBetreff%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946789%22%20slang%3D%22en-US%22%3E%3CP%3ETo%20avoid%20similar%20weak%20points%3A%20does%20it%20make%20sense%20to%20disable%20unneeded%20features%20for%20NonAdmins%20or%20does%20it%20have%20undesirable%20side%20effects%3F%20%3A%20e.g.%20set%20EWSEnabeled%2C%20ECPEnabled%2C%20RemotePowerShellEnabled%20to%20false.%20We%20also%20do%20it%20with%20IMAP%20and%20POP%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2947724%22%20slang%3D%22es-ES%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2947724%22%20slang%3D%22es-ES%22%3E%3CP%3ESame%20problem%20here%20with%20OWA%20redirection%20as%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F762087%22%20target%3D%22_blank%22%3E%40bbzome%3C%2FA%3E%20%3CBR%20%2F%3E%20Any%20resolution%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOf%20course%2C%20this%20was%20done%20in%20the%20past%3A%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fhybrid-deployment%2Fsimplify-owa-url%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Fhybrid-deployment%2Fsimplify-owa-url%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3ENo%20resolution%20yet.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2944181%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2944181%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F420225%22%20target%3D%22_blank%22%3E%40jordanl17%3C%2FA%3E%26nbsp%3BTechnically%2C%20it%20is%20kind%20of%20unrelated.%20If%20auth%20is%20successful%20(2FA%20or%20not)%20then%20CVE-2021-42321%20could%20be%20exploitable.%20But%20indeed%2C%202FA%20can%20make%20authentication%20be%20harder%20to%20go%20through%20so%20in%20that%20respect%2C%20it%20can%20%22help%22.%20But%20let's%20say%20if%20there%20is%20an%20account%20with%202FA%20that%20has%20been%20compromised%20-%20well%2C%20in%20that%20case%20it%20would%20make%20no%20difference.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2944119%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2944119%22%20slang%3D%22en-US%22%3E%3CP%3Edoes%202fa%20help%20protect%20against%20this%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2945691%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2945691%22%20slang%3D%22en-US%22%3E%3CP%3EAny%20information%20on%20what%20endpoint%20(virtual%20directory)%20is%20vulnerable%3F%26nbsp%3B%20e.g.%20OWA%2C%20EWS%2C%20ECP%20etc.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2951977%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2951977%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1214321%22%20target%3D%22_blank%22%3E%40Chris460%3C%2FA%3E%26nbsp%3BAuthenticated%20user.%20Not%20necessarily%20authenticated%20Admin%20user.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2952281%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2952281%22%20slang%3D%22en-US%22%3EHello%2C%20I'm%20currently%20running%20Exchange%202013%20on%20premise.%20I%20am%20running%20version%2015.00.1497.018%20which%20is%20the%20May%202021%20SU.%20What%20procedure%20must%20I%20follow%20to%20upgrade%20to%20the%20November%20SU%20from%20the%20May%202021%3F%20I%20believe%20I%20read%20somewhere%20that%20updating%20the%20AD%20Schema%20was%20required%20to%20do%20the%20July%202021%20SU's.%20Will%20I%20need%20to%20update%20the%20Schema%20to%20apply%20the%20November%20SU%3F%20Thanks%20in%20advance!%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2952453%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2952453%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1026124%22%20target%3D%22_blank%22%3E%40jeffc1670%3C%2FA%3E%26nbsp%3BAll%20that%20you%20need%20to%20do%20is%20install%20the%20November%20SU%20(from%20elevated%20CMD%20prompt%20if%20installing%20manually%2C%20or%20from%20Microsoft%20Update).%20Now%20-%20on%20your%20question%20about%20schema%20update%20-%20yes%2C%20there%20was%20a%20security%20change%20in%20Exchange%20schema%20that%20was%20done%20back%20in%20July%202021.%20All%20that%20you%20should%20do%20about%20that%20is%20-%20after%20you%20install%20November%20SU%2C%20you%20can%20follow%20the%20steps%20we%20outlined%20in%20our%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fexchange-team-blog%2Freleased-july-2021-exchange-server-security-updates%2Fba-p%2F2523421%22%20target%3D%22_self%22%3EJuly%20update%20article%3C%2FA%3E%20to%20update%20the%20schema.%20Either%20%22Exchange%202013%20CU23%22%20or%20%22Exchange%20no%20longer%20installed%20in%20the%20forest%22%20steps%20will%20work%20(depending%20on%20where%20schema%20master%20is%2C%20that%20might%20be%20easier%20to%20do.)%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2952661%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2952661%22%20slang%3D%22en-US%22%3E%3CP%3ESimilar%20issue%20with%20OWA%20now%20broken.%20Environment%3A%20Exchange%202013%20on%20Windows%20Server%202012%2C%20Full-Hybrid%2C%20latest%20updates.%20I%20saw%20the%20reports%20in%20the%20comments%20about%20OWA%20redirect%20for%20hybrid%20not%20working%20so%20I%20tested%20it%20before%20I%20ran%20the%20updates%20and%20all%20was%20well.%20Updated%20the%20cluster%20and%20now%20it%20no%20longer%20works.%20Error%20displayed%3A%26nbsp%3B%3CSPAN%3EExternal%20component%20has%20thrown%20an%20exception.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20ran%20through%20the%20scenarios%20linked%20at%20the%20top%20of%20this%20article%20to%20repair%20failed%20installations%20of%20Exchange%20and%20nothing%20applies%20and%20anything%20to%20do%20with%20OWA%2FECP%20checks%20out.%20ECP%20works%20just%20fine.%20Installed%20through%20Windows%20update%20after%20shutting%20down%20all%20Exchange%20services%20and%20WMI.%20Install%20was%20successful%20with%20no%20errors%20and%20everything%20else%20is%20working%20as%20expected.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2952771%22%20slang%3D%22en-US%22%3EBetreff%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2952771%22%20slang%3D%22en-US%22%3E%3CP%3EJust%20installed%20the%20Patch%20on%20Exchange%202016%20CU22%20and%20we%20also%20affected%20by%20the%20broken%20Hybrid%20redirect%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2952881%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2952881%22%20slang%3D%22en-US%22%3E%3CP%3EStill%20not%20sure%20if%20we%20i'm%20effected.%20I'm%20on%20Exchange%202016%20CU19.%20If%20I%20don't%20update%20to%20CU22%20will%20I%20still%20be%20vulnerable%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2952906%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2952906%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20currently%20running%20Exchange%202016%20CU20%26nbsp%3B%20so%20no%20patches%20are%20released%20for%20CU22.%3C%2FP%3E%3CP%3ESo%20will%20we%20be%20able%20to%20upgrade%20from%20Exchange%202016%20CU20%20straight%20to%20CU22%3F%3C%2FP%3E%3CP%3EAnd%20will%20I%20need%20to%20upgrade%20the%20Schema%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2953152%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2953152%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1214729%22%20target%3D%22_blank%22%3E%40ExchangeCarter813%3C%2FA%3E%26nbsp%3BYes.%20You%20should%20be%20updating%20to%20CU22%20to%20apply%20the%20security%20update.%20See%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FExchangeUpdateWizard%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2FExchangeUpdateWizard%3C%2FA%3E%26nbsp%3Bfor%20detailed%20steps.%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1214747%22%20target%3D%22_blank%22%3E%40dchan268%3C%2FA%3E%26nbsp%3BPlease%20see%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FExchangeUpdateWizard%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2FExchangeUpdateWizard%3C%2FA%3E%26nbsp%3B-%20yes%2C%20you%20can%20go%20straight%20to%20the%20latest%20CU%3B%20the%20wizard%20will%20tell%20you%20what%20you%20need%20to%20do.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2953178%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2953178%22%20slang%3D%22en-US%22%3E%3CP%3EStill%20waiting%20on%20an%20answer%20to%20my%20question%2C%20which%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1213425%22%20target%3D%22_blank%22%3E%40MPSheriff%3C%2FA%3E%26nbsp%3Balso%20had%20an%20interest%20it.%20Repeated%20Q%20here%3A%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22%3CSPAN%3EAny%20information%20on%20what%20endpoint%20(virtual%20directory)%20is%20vulnerable%3F%26nbsp%3B%20e.g.%20OWA%2C%20EWS%2C%20ECP%20etc.%22%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2953376%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2953376%22%20slang%3D%22en-US%22%3E%3CP%3E%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FExchangeUpdateWizard%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2FExchangeUpdateWizard%3C%2FA%3E%26nbsp%3B%20is%20not%20accessible%20for%20me!%20%3CIMG%20class%3D%22lia-deferred-image%20lia-image-emoji%22%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Fhtml%2F%409839A717402516D64549B98324F4F0C1%2Fimages%2Femoticons%2Fsad_40x40_1.gif%22%20alt%3D%22%3Asad%3A%22%20title%3D%22%3Asad%3A%22%20%2F%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20any%20other%20was%20to%20check%20the%20upgrade%20path%20from%20Exchange%202016%20CU20%20to%20CU22%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2953616%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2953616%22%20slang%3D%22en-US%22%3E%3CP%3Ewe%20have%20exchange%202013%20and%20the%20uodate%20broke%20the%20hybrid%20connector%3F%20can%20I%20uninstall%20it%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2953633%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2953633%22%20slang%3D%22en-US%22%3E%3CP%3ERegarding%20the%20event%20log%3A%26nbsp%3B%3CBR%20%2F%3E%3CSPAN%3EGet-WinEvent%20-FilterHashtable%20%40%7B%20LogName%3D'Application'%3B%20ProviderName%3D'MSExchange%20Common'%3B%20Level%3D2%20%7D%20%7C%20Where-Object%20%7B%20%24_.Message%20-like%20%22*BinaryFormatter.Deserialize*%22%20%7D%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3EIs%20there%20any%20specific%20event%20ID%20I%20should%20look%20for%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2953715%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2953715%22%20slang%3D%22en-US%22%3E%3CP%3EAfter%20installing%20to%20ex2013%20Edge%20role%2C%20service%20MSExchangeHM%20cannot%20start%2C%20as%20has%20dependency%20of%20MSExchangeADTopology%20service%2C%20which%20is%20missing%20on%20Edge.%20Removing%20dependency%20through%20registry%2C%20all%20is%20fine.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETake%20care%2C%3C%2FP%3E%3CP%3ESergei.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2953752%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2953752%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20cannot%20apply%20the%20update%20right%20now%2C%20and%20there%20is%20no%20emergency%20mitigation.%3C%2FP%3E%3CP%3EBlocking%20remotepowershell%20and%20owa%20for%20authenticated%20user%2C%20non%20admin%2C%20will%20it%20reduce%20the%20attack%20surface%3F%20Also%20I%20don't%20understand%20how%20can%20an%20attacker%20exploit%20the%20vulnerability%20using%20a%20user%20identity%20that%20doesn't%20have%20any%20priviledge%20access%20to%20the%20exchange%20servers%20%2F%20organisation%20or%20AD.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2953931%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2953931%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3ESame%20here%2C%20after%20the%20Patch%20on%20Exchange%202016%20CU22%26nbsp%3B%20the%20Hybrid%20redirect%20is%20broken.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2953998%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2953998%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3CBR%20%2F%3EWe%20installed%20this%20update%20on%20Ex2019%20with%20CU10%20and%20we%20have%20a%20HLB%20distributing%20the%20traffic%20to%20the%20servers.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAfter%20logged%20in%20into%20OWA%20it%20went%20into%20infinite%20refresh%20loop%20when%20connecting%20through%20the%20HLB%2C%20anyone%20else%20seeing%20this%20problem%20%3F%3CBR%20%2F%3E%3CBR%20%2F%3E(%20We%20have%20had%20the%20same%20HLB%20setup%20for%20Exchange%202010%2C%202016%20and%202019%2C%20first%20time%20we%20encounter%20this%20issue.%20)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%3C%2FP%3E%3CP%3EJani%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954083%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954083%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1215123%22%20target%3D%22_blank%22%3E%40Jani_T%3C%2FA%3E%26nbsp%3BPlease%20check%20this%20KB%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2Fcannot-log-in-to-owa-or-ecp-after-july-2021-su-for-exchange-server-2019-2016-and-2013-kb-5005341-476948d6-e124-4a60-bcc7-b0d5341e24ae%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECannot%20log%20in%20to%20OWA%20or%20ECP%20after%20July%202021%20SU%20for%20Exchange%20Server%202019%2C%202016%2C%20and%202013%20(KB%205005341)%20(microsoft.com)%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954151%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954151%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1214578%22%20target%3D%22_blank%22%3E%40bahrani30%3C%2FA%3E%26nbsp%3BCan%20you%20Please%20explain%20about%20the%20connector%20Broke%20issue%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954324%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954324%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20for%20the%20update.%20Encountered%20some%20issues%20I%20am%20unable%20to%20resolve%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20use%20Email%20Parser%20to%20process%20emails.%20The%20program%20connects%20to%20the%20Exchange%20Server%20to%20retrieve%20the%20emails.%20After%20the%20last%20security%20update%20was%20applied%20Email%20Parser%20presented%20the%20following%20error%3A%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%22Error%3A%20The%20request%20failed.%20The%20underlying%20connection%20was%20closed%3A%20An%20unexpected%20error%20occurred%20on%20a%20send.%22%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20am%20unsure%20about%20what%20caused%20this.%20Concerned%20it%20has%20something%20to%20do%20with%20the%20way%20it%20communicates%3F%20TLS%3F%20SSL%3F%20Though%20these%20options%20are%20not%20available%20to%20Email%20Parser%2C%20perhaps%20it%20requires%20settings%20editing%20or%20white%20listing%20of%20connections%3F%3F%20Bit%20lost.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954488%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954488%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1214578%22%20target%3D%22_blank%22%3E%40bahrani30%3C%2FA%3E%26nbsp%3BWe%20are%20not%20aware%20of%20any%20problems%20with%20Hybrid%20Connector%3B%20can%20you%20please%20clarify%20what%20is%20going%20on%3F%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1215005%22%20target%3D%22_blank%22%3E%40jogalgam%3C%2FA%3E%26nbsp%3BIf%20the%20query%20comes%20back%20with%20no%20results%20(very%20likely)%2C%20that's%20that%3B%20you%20do%20not%20have%20anything%20to%20worry%20about.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2947851%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2947851%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1183951%22%20target%3D%22_blank%22%3E%40AiratAbdullin%3C%2FA%3E%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F88801%22%20target%3D%22_blank%22%3E%40Michael%20Hincapie%3C%2FA%3E%26nbsp%3BThe%20WSUS%20issue%20has%20been%20resolved%3B%20please%20ensure%20to%20download%20the%20latest%20WSUS%20cab%20file.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954707%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954707%22%20slang%3D%22en-US%22%3E%3CP%3ECan%20October%20SU%20and%20November%20SU%20be%20install%20at%20one%20go%20in%20exchange%202013%20servers%3F%20Has%20someone%20did%20it%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954721%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954721%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F550607%22%20target%3D%22_blank%22%3E%401990%3C%2FA%3E%26nbsp%3Bthey%20are%20cumulative.%20Just%20go%20with%20the%20November%202021%20SU.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954827%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954827%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%20I%20have%20upgraded%20my%20Exchange%20servers%20with%20the%20last%26nbsp%3BKB5007409%20and%20the%20freebusy%20cross%20forest%20not%20work.%20Do%20you%20have%20a%20workaround%20to%20resolved%20this%20issue%3F%20Thanks%20for%20your%20help%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954828%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954828%22%20slang%3D%22en-US%22%3E%3CP%3EHow%20does%20the%20results%20of%20the%20script%20look%20like%3F%20Client%20get%20below%20error%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22listers23_0-1636639205348.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F326318i8682DF18DFB92418%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22listers23_0-1636639205348.png%22%20alt%3D%22listers23_0-1636639205348.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954880%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954880%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1215338%22%20target%3D%22_blank%22%3E%40listers23%3C%2FA%3E%26nbsp%3BThis%20result%20means%20that%20there%20are%20no%20entries%20in%20the%20event%20log%20which%20indicate%20a%20compromise.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1215333%22%20target%3D%22_blank%22%3E%40stb71%3C%2FA%3E%26nbsp%3Bcheck%20this%20one%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2F-400-bad-request-error-during-autodiscover-for-per-user-free-busy-in-a-trusted-cross-forest-topology-a1d6296b-1b2b-4ecd-9ab6-d8637fe20a21%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%22(400)%20Bad%20Request%22%20error%20during%20Autodiscover%20for%20per-user%20free%2Fbusy%20in%20a%20trusted%20cross-forest%20topology%20(microsoft.com)%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954976%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954976%22%20slang%3D%22en-US%22%3E%3CP%3EUpdated%20to%20CU22%20from%20Exchange%202016%20CU19%20and%20applied%20the%20Nov%20SU.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20had%20been%20one%20of%20the%20targets%20of%20the%20vulnerability%20(autodiscover%20using%20%3CA%20href%3D%22mailto%3Aa%40edu.edu%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ea%40edu.edu%3C%2FA%3E)%20and%20the%20malicious%20actors%20had%20successfully%20sent%20spam%20mail%20from%20a%20few%20of%20our%20accounts.%3C%2FP%3E%3CP%3EWith%20the%20update%20installed%20and%20fully%20updated%2C%20I%20did%20notice%20more%20attempts%20in%20our%20IIS%20logs%20(but%20this%20time%20it%20appears%20the%20HTTP%20response%20is%20401%20instead%20of%20200).%20I%20just%20want%20to%20confirm%20that%20the%20update%20is%20working%20as%20intended%20(still%20recording%20the%20attempts%2C%20but%20blocking%20them%20with%20401).%20Thank%20you!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2955074%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2955074%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20MS%2C%20we%20can%20directly%20install%20November%20su%20update%20on%20exchange%202013%20servers%2C%20will%20this%20also%20mitigate%20October%20volunerbility%20too%3F%20Thanks%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2955222%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2955222%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Nino%2C%20I%20am%20in%20Exchange%202016%20CU21%20and%20I%20have%20installed%20the%20last%20KB%20of%20november%209th%2C%20now%2C%20FreeBusy%20cross%20forest%20is%20down%2C%20I%20encountered%20the%20same%20problem%20that%20I%20had%20with%20the%20KB5004779%20(%3CA%20href%3D%22https%3A%2F%2Feightwone.com%2Ftag%2Fhotfix%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Feightwone.com%2Ftag%2Fhotfix%2F%3C%2FA%3E)%20where%20I%20applied%20the%20peruseraccount%20for%20the%20availabilityconfig%20with%20success.%20Do%20you%20have%20an%20idea%20to%20correct%20this%20new%20inconvenience%3F%20Thanks%20for%20your%20help%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2955283%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2955283%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1215333%22%20target%3D%22_blank%22%3E%40stb71%3C%2FA%3E%26nbsp%3BThis%20KB%20article%20talks%20about%20this%20problem%3B%20this%20is%20due%20to%20the%20security%20change%20(since%20I%20think%20June)%20where%20accounts%20that%20end%20with%20%22%24%22%20cannot%20be%20used%20anymore%20in%20Exchange.%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2F-400-bad-request-error-during-autodiscover-for-per-user-free-busy-in-a-trusted-cross-forest-topology-a1d6296b-1b2b-4ecd-9ab6-d8637fe20a21%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%22(400)%20Bad%20Request%22%20error%20during%20Autodiscover%20for%20per-user%20free%2Fbusy%20in%20a%20trusted%20cross-forest%20topology%20(microsoft.com)%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2948316%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2948316%22%20slang%3D%22en-US%22%3E%3CP%3EDoes%20CVE-2021-42321%20impact%20Exchange%20server%202013%3F%20The%20wording%20above%20is%20confusing%20in%20that%202013%20is%20mentioned%20as%20having%20vulnerabilities%2C%20but%20only%202016%20and%202019%20are%20mentioned%20when%20speaking%20of%20limited%20attacks%20using%20CVE-2021-42321%20and%20there%20is%20no%20update%20listed%20for%202013%20in%20the%20update%20guide%20for%20this%20CVE.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2954843%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2954843%22%20slang%3D%22en-US%22%3E%3CP%20data-unlink%3D%22true%22%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F81948%22%20target%3D%22_blank%22%3E%40CSU_Scott%3C%2FA%3E%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F34575%22%20target%3D%22_blank%22%3E%40Markus%20Irby%3C%2FA%3E%26nbsp%3B%3A%20My%20only%20%22fix%22%20for%20this%20was%20to%20change%20links%20(on%20webpages%2Fbookmarks)%20to%20point%20to%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Foutlook.office.com%2Fmail%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Foutlook.office.com%2Fmail%2F%3C%2FA%3E%26nbsp%3Binstead%20of%20local%20exchange%20(https%3A%2F%2Fmail.example.com%2Fowa%26nbsp%3B)%20since%20essentially%20all%20these%20users%20are%20cloud%20and%20the%20exchange%20server%20is%20mostly%20just%20there%20because%20of%20the%20ADConnect%20requirement%20to%20keep%20running%20Exchange%20(It%20seems%20like%20the%20management%20functions%20could%20have%20been%20added%20to%20something%20like%20Windows%20admin%20center%20to%20eliminate%20the%20need%20to%20keep%20running%20Exchange%20server).%20You%20could%20potentially%20customize%20logon.aspx%20on%20the%20server%20to%20add%20a%20link%20(%22Having%20trouble%20logging%20in%3F%20Try%20%3CA%20href%3D%22https%3A%2F%2Foutlook.office.com%2Fmail%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Foutlook.office.com%2Fmail%3C%2FA%3E%26nbsp%3B%22)%2C%20but%20that%20would%20change%20the%20hash%20of%20the%20file%20(causing%20alerts%20if%20you%20were%20comparing%20hashes%20to%20check%20for%20e.g.%20webshells).%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2948343%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2948343%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1214215%22%20target%3D%22_blank%22%3E%40ScottySol%3C%2FA%3E%26nbsp%3BCVE-2021-42321%20is%20an%20Exchange%202016%2F2019%20vulnerability.%20The%20other%20vulnerabilities%20affect%20all%203%20versions.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%3ECVE-2021-41349%20(E15%2F16%2F19)%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3ECVE-2021-42305%20(E15%2F16%2F19)%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSPAN%3ECVE-2021-42321%20(E16%2F19)%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2946631%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2946631%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1213510%22%20target%3D%22_blank%22%3E%40Afraz1380%3C%2FA%3E%26nbsp%3BCorrect%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F313255%22%20target%3D%22_blank%22%3E%40Rengith%3C%2FA%3E%26nbsp%3BEven%20if%20all%20your%20mailboxes%20reside%20in%20Exchange%20Online%2C%20it%20a%20%22normal%22%20Exchange%20server%20and%20so%20vulnerable%20to%20the%20addressed%20vulnerabilities.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESee%20FAQ%20above%3A%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%3CEM%3EMy%20organization%20is%20in%20Hybrid%20mode%20with%20Exchange%20Online.%20Do%20I%20need%20to%20do%20anything%3F%3C%2FEM%3E%3C%2FSTRONG%3E%3CBR%20%2F%3E%3CSPAN%3EWhile%20Exchange%20Online%20customers%20are%20already%20protected%2C%20the%20November%202021%20security%20updates%20do%20need%20to%20be%20applied%20to%20your%20on-premises%20Exchange%20Servers%2C%20even%20if%20they%20are%20used%20only%20for%20management%20purposes.%20You%20do%26nbsp%3B%3C%2FSPAN%3E%3CEM%3Enot%3C%2FEM%3E%3CSPAN%3E%26nbsp%3Bneed%20to%20re-run%20the%20Hybrid%20Configuration%20Wizard%20(HCW)%20after%20applying%20updates.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2948692%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2948692%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20confused%20about%20this%20vulnerability%3A%20it%20requires%20the%20attacker%20to%20be%20authenticated%20already.%3C%2FP%3E%3CP%3EBut%20authenticated%20as%20a%20basic%20user%3F%20or%20as%20a%20Exchange%20priviledge%20user%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2957483%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2957483%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fassistants.microsoft.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fassistants.microsoft.com%2F%3C%2FA%3E%20this%20site%20is%20not%20available%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2950636%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2950636%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F164282%22%20target%3D%22_blank%22%3E%40Lukas%20Sassl%3C%2FA%3E%20Thank%20you%20very%20much%20for%20the%20quick%20reply%20and%20clarification.%20Much%20appreciated.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2957692%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2957692%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FExchangeUpdateWizard%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2FExchangeUpdateWizard%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fassistants.microsoft.com%2FExchangeUpdatesGuide%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fassistants.microsoft.com%2FExchangeUpdatesGuide%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ENot%20accessible...%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2957796%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2957796%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1216208%22%20target%3D%22_blank%22%3E%40Branko_Zupanec%3C%2FA%3E%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1216132%22%20target%3D%22_blank%22%3E%40Dahyour%3C%2FA%3E%26nbsp%3BThanks%20for%20reporting.%20We%20are%20aware%20of%20it%20and%20the%20teams%20responsible%20are%20informed.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2958017%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2958017%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20just%20reporting%20the%20same%20error%20as%20others.%20In%20a%20hybrid%20environment%20if%20the%20mailbox%20exists%20on%20the%20cloud%20but%20is%20attempted%20to%20be%20accessed%20through%20local%20Exchange%20OWA%2C%20the%20URL%20to%20the%20mailbox%20redirect%20page%20is%20wrong.%20Changing%20the%20%5Cu0026%20to%20%26amp%3B%20displays%20the%20correct%20page%20with%20redirect.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20isn't%20a%20problem%20for%20us%20as%20all%20our%20mailboxes%20are%20online%2C%20but%20I%20really%20just%20want%20to%20express%20my%20feelings%20that%20I%20am%20hoping%20Microsoft%20will%20provide%20a%20way%20to%20decommission%20Exchange%20in%20a%20hybrid%20environment.%20It%20surely%20can't%20be%20that%20difficult%20to%20create%20a%20light%20weight%20AD%20attribute%20%2F%20mailbox%20editing%20tool%20to%20manage%20mailbox%20settings%20while%20keeping%20the%20local%20AD%20as%20authoritative%20using%20AADC%20to%20sync%20to%20the%20cloud.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAADC%20running%20with%20password%20sync%2C%20SSSO%20etc%20is%20an%20elegant%20solution%20that%20joins%20local%20AD%20to%20the%20cloud%20so%20well.%20This%20just%20seems%20like%20the%20last%20part%20of%20the%20puzzle.%20This%20would%20also%20probably%20save%20an%20awful%20lot%20of%20people%20having%20to%20install%20these%20security%20and%20cumulative%20updates%2C%20keeping%20their%20Exchange%20servers%20up%20to%20date%20and%20save%20a%20lot%20of%20stress%20at%20the%20same%20time%20if%20something%20goes%20wrong!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20it%20in%20the%20pipeline%20at%20all%3F%20Or%20am%20I%20just%20missing%20something%20massively%20obvious%3F...%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2958042%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2958042%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1216324%22%20target%3D%22_blank%22%3E%40MSmith80%3C%2FA%3E%26nbsp%3BNo%20need%20to%20complicate...%20everyone%20call%20for%20a%20Tool%20to%20manage%20on-prem%20AD%2C%20but%20if%20every%20property%26nbsp%3B%20on%20Azure%20AD%20was%20perfectly%20%22back%20writable%22%20it%20wouldn't%20be%20need%20a%20solution%20for%20a%20problem%20that%20wouldn't%20exist.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2958056%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2958056%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20All%2C%3C%2FP%3E%3CP%3EWe%20have%20a%20hybrid%20setup%2C%202%20on-prem%20Exchange%202013%20CU23%20servers%20in%20a%20DAG.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20patched%20one%20of%20the%20servers%20this%20morning%20but%20no%20longer%20can%20get%20into%20ECP%20on%20that%20server%20however%20I%20can%20still%20on%20the%20un-patched%20one.%3CBR%20%2F%3E%3CBR%20%2F%3EGetting%202%20event%20IDs%20appear%20when%20failing%20to%20login%2C%201%20being%20%3CSTRONG%3EID%201309%20for%20ASP.NET%204.0.30319.0%3C%2FSTRONG%3E%20%3A%3C%2FP%3E%3CDIV%3E%3CTABLE%20border%3D%220%22%20cellspacing%3D%220%22%3E%3CTBODY%3E%3CTR%3E%3CTD%3EEvent%20code%3A%203005%3CBR%20%2F%3EEvent%20message%3A%20An%20unhandled%20exception%20has%20occurred.%3CBR%20%2F%3EEvent%20time%3A%2012%2F11%2F2021%2010%3A09%3A05%3CBR%20%2F%3EEvent%20time%20(UTC)%3A%2012%2F11%2F2021%2010%3A09%3A05%3CBR%20%2F%3EEvent%20ID%3A%205d5aa81e67c448aa8ad3c6ab5d955096%3CBR%20%2F%3EEvent%20sequence%3A%2022%3CBR%20%2F%3EEvent%20occurrence%3A%203%3CBR%20%2F%3EEvent%20detail%20code%3A%200%3CBR%20%2F%3E%3CBR%20%2F%3EASSERT%3A%20HMACProvider.GetCertificates%3AprotectionCertificates.Length%26lt%3B1%20at%20Microsoft.Exchange.Diagnostics.ExAssert.AssertInternal(String%20formatString%2C%20Object%5B%5D%20parameters)%20at%20Microsoft.Exchange.Clients.Common.HmacProvider.GetCertificates()%20at%20Microsoft.Exchange.Clients.Common.HmacProvider.GetHmacProvider()%20at%20Microsoft.Exchange.Clients.Common.HmacProvider.ComputeHmac%3C%2FTD%3E%3C%2FTR%3E%3C%2FTBODY%3E%3C%2FTABLE%3E%3CP%3E%3CSTRONG%3EEvent%201003%20for%20MSExchange%20Front%20End%20HTTP%20Proxy%20%3A%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%5BOwa%5D%20An%20internal%20server%20error%20occurred.%20The%20unhandled%20exception%20was%3A%20Microsoft.Exchange.Diagnostics.ExAssertException%3A%20ASSERT%3A%20HMACProvider.GetCertificates%3AprotectionCertificates.Length%26lt%3B1%3CBR%20%2F%3Eat%20Microsoft.Exchange.Diagnostics.ExAssert.AssertInternal(String%20formatString%2C%20Object%5B%5D%20parameters)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20not%20changed%20our%20certs%20at%20all%20and%20running%20the%20following%20command%20on%20both%20servers%20produce%20the%20same%20error%20about%20certificate%20with%20a%20specific%20thumbprint%20not%20being%20found%20but%20I%20can%20still%20access%20ECP%20on%20the%20unaffected%20server%20%3A%3CBR%20%2F%3E%3CSTRONG%3EGet-ExchangeCertificate%20(Get-AuthConfig).CurrentCertificateThumbprint%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20know%20usually%20when%20logging%20into%20ECP%20the%20URL%20remains%20%3CSTRONG%3E%3CA%20href%3D%22https%3A%2F%2Fserver.domain%2Fecp%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fserver.domain%2Fecp%2F%3C%2FA%3E%20%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3Ehowever%20I'm%20failing%20at%20%3CSTRONG%3E%3CA%20href%3D%22https%3A%2F%2Fserver.domain%2Fowa%2Fauth%2FerrorFE.aspx%3FhttpCode%3D500%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fserver.domain%2Fowa%2Fauth%2FerrorFE.aspx%3FhttpCode%3D500%3C%2FA%3E%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20someone%20help%3F%20Cannot%20patch%20the%20remaining%20server%20until%20I%20can%20get%20ECP%20back%20on%20the%20affected%20server.%3C%2FP%3E%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2958140%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2958140%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F503977%22%20target%3D%22_blank%22%3E%40AT1991%3C%2FA%3E%26nbsp%3Bis%20you%20auth%20certificate%20valid%20and%20not%20expired%3F%20You%20can%20run%20the%20HealthChecker%20script%20to%20validate%20(%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FExchangeHealthChecker%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2FExchangeHealthChecker%3C%2FA%3E).%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EEDIT%3A%2F%2F%20Overlooked%20this%20sentence%20in%20your%20comment%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CEM%3EWe%20have%20not%20changed%20our%20certs%20at%20all%20and%20running%20the%20following%20command%20on%20both%20servers%20produce%20the%20same%20error%20about%20certificate%20with%20a%20specific%20thumbprint%20not%20being%20found%20but%20I%20can%20still%20access%20ECP%20on%20the%20unaffected%20server%20%3A%3C%2FEM%3E%3CBR%20%2F%3E%3CEM%3EGet-ExchangeCertificate%20(Get-AuthConfig).CurrentCertificateThumbprint%3C%2FEM%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EPlease%20follow%20the%20steps%20described%20here%3A%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Ftroubleshoot%2Fadministration%2Fcannot-access-owa-or-ecp-if-oauth-expired%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECan't%20access%20OWA%2FEAC%20with%20expired%20OAuth%20certificate%20-%20Exchange%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2958173%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2958173%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F503977%22%20target%3D%22_blank%22%3E%40AT1991%3C%2FA%3E%26nbsp%3Bthere%20was%20a%20change%20introduced%20with%20the%20July%202021%20SU%20%2F%20September%202021%20CU%20that%20requires%20a%20proper%20configured%20and%20valid%20auth%20certificate%20(see%3A%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fexchange-team-blog%2Freleased-july-2021-exchange-server-security-updates%2Fba-p%2F2523421%22%20target%3D%22_blank%22%3EReleased%3A%20July%202021%20Exchange%20Server%20Security%20Updates%20-%20Microsoft%20Tech%20Community%3C%2FA%3E).%20I%20guess%20the%20working%20server%20runs%20a%20version%20prior%20the%20July%202021%20SU%20%2F%20September%202021%20CU.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2958536%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2958536%22%20slang%3D%22en-US%22%3E%3CP%3EAfter%20applying%20KB5007409%20to%20our%20mail%20servers%20currently%20on%20Exchange%202016%20CU%2022%2C%20our%20Mitel%20NuPoint%20voicemail%20system%20is%20no%20longer%20able%20to%20connect%20using%20IMAP%20SSL%20on%20993.%26nbsp%3B%20This%20literally%20stopped%20working%20as%20soon%20as%20we%20manually%20applied%20the%20patch%20to%20the%20particular%20server%20that%20is%20used%20for%20this%20VM%20to%20email%20integration%20(the%20patch%20was%20run%20from%20an%20elevated%20command%20prompt%20as%20required).%20We%20can%20still%20successfully%20connect%20using%20Test-Imapconnectivity%20using%20the%20same%20AD%20credentials%20the%20VM%20server%20uses.%26nbsp%3B%20The%20account%20has%20delegated%20access%20to%20our%20mailboxes%20in%20order%20to%20deliver%20voicemails%20to%20an%20Inbox.%20This%20particular%20server%20is%20not%20Internet%20facing.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2958597%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2958597%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F164282%22%20target%3D%22_blank%22%3E%40Lukas%20Sassl%3C%2FA%3E%26nbsp%3B%3CBR%20%2F%3EThank%20you%20for%20clarifying.%20In%20case%20I%20didn't%20want%20to%20create%20a%20new%20certificate%20what%20would%20the%20process%20by%20in%20terms%20of%20commands%3F%3CBR%20%2F%3EWe%20have%20Exchange%20Auth%20Certs%20on%20both%20servers%20valid%20until%202026.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2958783%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2958783%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20all%2C%3C%2FP%3E%3CP%3EWe%20have%20mixed%20results%20with%20the%20power%20shell%20command.%26nbsp%3B%3C%2FP%3E%3CP%3EOne%20we%20know%20is%20clean%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22JosephTodaro_0-1636727496818.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F326603i2F949B5BDEF775D5%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22JosephTodaro_0-1636727496818.png%22%20alt%3D%22JosephTodaro_0-1636727496818.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnother%20response%20that%20returns%20nothing%20that%20we%20are%20unsure%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22JosephTodaro_2-1636727602150.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F326605i24A603407255190F%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22JosephTodaro_2-1636727602150.png%22%20alt%3D%22JosephTodaro_2-1636727602150.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EAny%20ideas%20when%20it%20doesn't%20return%20anything%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2959059%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2959059%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20all.%3CBR%20%2F%3EAfter%20installing%20update%20KB5007409%2C%20Thunderbird%20clients%20cannot%20connect%20to%20the%20server%20via%20IMAP.%20(Exchange%202013%20Version%2015.0%20Build%201497.2)%3CBR%20%2F%3EResolved.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2959211%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2959211%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20There%2C%3C%2FP%3E%3CP%3EWe%20have%20Exchange%202016%2C%20currently%20on%20CU20%2C%20but%20will%20be%20updating%20to%20CU22%20asap.%3C%2FP%3E%3CP%3EWe%20are%20in%20a%20Hybrid%20configuration%2C%20but%20currently%20all%20mailboxes%20reside%20on-Prem%20still%2C%20will%20the%20broken%20link%20issue%20caused%20by%20the%20SU%20still%20effect%20our%20user%20base%3F%3C%2FP%3E%3CP%3EThanks%20in%20advance%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2959484%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2959484%22%20slang%3D%22en-US%22%3E%3CP%3EAnyone%20else%20have%20the%20Microsoft%20Exchange%20Diagnostics%20service%20fail%20to%20start%20after%20this%20security%20update%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22gabegsc_0-1636738517640.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F326673iCF806C18A2CB1025%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22gabegsc_0-1636738517640.png%22%20alt%3D%22gabegsc_0-1636738517640.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22gabegsc_1-1636738591570.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F326674i78A0C41BB1CE9DC7%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22gabegsc_1-1636738591570.png%22%20alt%3D%22gabegsc_1-1636738591570.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22gabegsc_2-1636738640317.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F326675i7289538260A17F1E%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22gabegsc_2-1636738640317.png%22%20alt%3D%22gabegsc_2-1636738640317.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETried%20following%20the%20steps%20here%20but%20it%20didn't%20fix%20it.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fsocial.technet.microsoft.com%2FForums%2Foffice%2Fen-US%2F35e7d2f2-0910-4ead-b8be-b82bff4fe3b8%2Fthe-microsoft-exchange-diagnostics-service-terminated-unexpectedlyexchange-2016-cu3-kb4022720%3Fforum%3DExch2016Adm%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsocial.technet.microsoft.com%2FForums%2Foffice%2Fen-US%2F35e7d2f2-0910-4ead-b8be-b82bff4fe3b8%2Fthe-microsoft-exchange-diagnostics-service-terminated-unexpectedlyexchange-2016-cu3-kb4022720%3Fforum%3DExch2016Adm%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EUPDATE%3A%20Issue%20was%20resolved.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2959506%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2959506%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1216614%22%20target%3D%22_blank%22%3E%40becketta%3C%2FA%3E%26nbsp%3BYes%3B%20ALL%20versions%20are%20vulnerable%20but%20we%20only%20release%20updates%20for%20CUs%20that%20are%20in%20support.%20%3CEM%3EThis%20is%20always%20the%20case%3C%2FEM%3E.%20Otherwise%20you%20will%20see%20us%20call%20out%20explicitly%20the%20versions%20that%20are%20vulnerable.%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1216695%22%20target%3D%22_blank%22%3E%40hutchymon%3C%2FA%3E%26nbsp%3BNope%2C%20in%20that%20case%2C%20if%20your%20mailboxes%20are%20still%20on-prem%2C%20your%20users%20are%20not%20getting%20redirected%20so%20there%20should%20be%20no%20problems.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2961049%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2961049%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20guys%2C%3CBR%20%2F%3EI'd%20like%20to%20repeat%20the%20question%20for%20more%20details%20(not%20to%20say%20details%20at%20all)%20on%20these%20vulnerabilities.%20These%20would%20help%3CBR%20%2F%3E-%20assessing%20the%20risk%20for%20specific%20Exchange%20deployments%26nbsp%3B%3CBR%20%2F%3E-%20and%20defining%20and%20deploying%20mitigations%20if%20an%20immediate%20update%20cannot%20be%20done%3CBR%20%2F%3EThx%20a%20lot%2C%20Wolf.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2960955%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2960955%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20on%20Hybrid%20%2C%20all%20our%20mailboxes%20are%20on%20cloud%20%2CWe%20are%20not%20using%20On%20Premise%20OWA%20.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBut%20We%20have%20to%20use%20ECP%20..%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWill%20the%20broken%20link%20issue%20caused%20by%20the%20SU%20impact%20us.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYour%20Quick%20reply%20is%20highly%20appreciated%3C%2FP%3E%3CP%3EThanks%20in%20Advance%3C%2FP%3E%3CP%3ERengith%20George%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2961151%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2961151%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EYesterday%20we%20patched%20one%20of%20our%20exchange%202013%20CU23%20servers%20due%20to%20the%20new%20exploit%20reported%20by%20MS%2C%20after%20doing%20so%2C%20we%20noticed%20that%20the%20newly%20patched%20server's%20content%20index%20state%20was%20showing%20as%20FailedAndSuspended.%3C%2FSPAN%3E%3C%2FP%3E%3CP%20class%3D%22%22%3EHaving%20misread%20an%20article%2C%20tried%20re-seeding%20the%20catalog%20for%20this%20particular%20database%20from%20the%20unpatched%20server%20back%20to%20itself%20which%20resulted%20in%20both%20showing%20as%20FailedAndSuspended.%20Unfortunately%20the%20database%20is%20our%20Public%20Folder%20database%20which%20is%20heavily%20used.%20Searching%20does%20not%20working%20unless%20you%20search%20by%20From%3A%22xyz%22%20or%20Subject%3A%22xyz%22.%3C%2FP%3E%3CP%20class%3D%22%22%3EThe%20server%20which%20has%20the%20DB%20mounted%20(unpatched)%20showed%20crawling%20after%20sometime%2C%20then%20this%20morning%20showed%20as%20FailedAndSuspended%20and%20has%20since%20started%20crawling%20again.%3C%2FP%3E%3CP%20class%3D%22%22%3ENeed%20to%20get%20this%20fixed%20by%20Monday%2C%20can%20anyone%20help%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2962082%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2962082%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F985941%22%20target%3D%22_blank%22%3E%40BigPhil%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Edid%20you%20find%20any%20solution%20to%20solve%20the%20error%20%22External%20component%20has%20thrown%20an%20exception%22%2C%20I%20have%20the%20same%20environment%20you%20have%20and%20get%20this%20error%20when%20try%20to%20access%20owa%20and%20the%20users%20on%20on%20prem%20keep%20asking%20for%20password%20on%20outlook%20and%20there%20is%20error%20in%20autodiscover%20certificate%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2962289%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2962289%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%202%20DAG%20Exchange%20server%202013%20CU23%20with%20hybrid%20office%20365%2C%20after%20installing%20this%20update.%20I%20hade%20some%20errors%20and%20I%20have%20try%20most%20of%20solutions%20was%20wrote%20here%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ENow%20%3A%26nbsp%3B%3C%2FP%3E%3CP%3E-%20on%20prem%20users%20can%20access%20both%20OWA%20and%20ECP%26nbsp%3B%3C%2FP%3E%3CP%3E-%20I%20had%20autodiscover%20error%20when%20check%20with%20Microsoft%20Remote%20Connectivity%20Analyzer%20but%20it%20has%20been%20solved%20now%20..%26nbsp%3B%3C%2FP%3E%3CP%3E-%20Cloud%20users%20now%20can%20access%20on%20prem%20ECP%20but%20can't%20access%20OWA%2C%20it%20get%20to%20them%20error%20%22%3CSPAN%3EExternal%20component%20has%20thrown%20an%20exception.%3C%2FSPAN%3E%22%20after%20they%20try%20to%20login%26nbsp%3B%3C%2FP%3E%3CP%3E-%20Cloud%20users%20who%20use%20outlook%20365%20keep%20asking%20for%20password%20and%20disconnect%20and%20connect%20frequently%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22owa.PNG%22%20style%3D%22width%3A%20928px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F326875iE398DB870E6568F4%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22owa.PNG%22%20alt%3D%22owa.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2962329%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2962329%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%20I%20got%20almost%20the%20same%20issues%20that%20you%20got%2C%20I%20advise%20that%20wait%20not%20install%20it%2C%20I%20had%20to%20spent%20almost%208%20hours%20with%20MS%20support%20to%20fix%20these%20issue%20and%20I%20was%20luck%20to%20get%20the%20issues%20resolved%20before%20the%20business%20day%20started.%20Microsoft%20should%20do%20their%20part%20by%20testing%20their%20updates%20before%20releasing%20them%20and%20causing%20damages%20to%20business.%20This%20is%20not%20the%20first%20time%20that%20the%20CU%20updates%20breaks%20services%20and%20causing%20business%20interruptions%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2962710%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2962710%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1217799%22%20target%3D%22_blank%22%3E%40Uwaiz80%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20the%20same%20Issue%20you%20have%20with%20outlook%20connectivity%20but%20it%20not%20solved%20yet.%20did%20you%20find%20any%20thing%20to%20solve%20it%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2962931%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2962931%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1217799%22%20target%3D%22_blank%22%3E%40Uwaiz80%3C%2FA%3E%26nbsp%3B%20..%20%3CSPAN%3EI%20have%202%20DAG%20Exchange%20server%202013%20CU23%20with%20hybrid%20office%20365%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3Ewhat%20i%20face%20now%20that%20some%20exchange%20server%20component%20in%20unhealthy.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%26nbsp%3B%26nbsp%3B%3C%2FSPAN%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22server1.PNG%22%20style%3D%22width%3A%20992px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F326921i19C86ED4A38C891B%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22server1.PNG%22%20alt%3D%22server1.PNG%22%20%2F%3E%3C%2FSPAN%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22server2.PNG%22%20style%3D%22width%3A%20996px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F326922iF784DF9C1978F6F7%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22server2.PNG%22%20alt%3D%22server2.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2963061%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2963061%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1217799%22%20target%3D%22_blank%22%3E%40Uwaiz80%3C%2FA%3E%26nbsp%3Bwe%E2%80%99ve%20introduced%20AMSI%20integration%20with%20the%20June%202021%20quarterly%20updates%20(see%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fexchange-team-blog%2Fmore-about-amsi-integration-with-exchange-server%2Fba-p%2F2572371%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fexchange-team-blog%2Fmore-about-amsi-integration-with-exchange-server%2Fba-p%2F2572371%3C%2FA%3E)%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3EYou%20can%20try%20to%20temporarily%20disable%20the%20integration%20to%20see%20if%20the%20Outlook%20client%20connectivity%20is%20related%20to%20this.%20Please%20check%20the%20blog%20post%20regarding%20AMSI%20integration%20(posted%20above)%20to%20learn%20more.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2963927%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2963927%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1217799%22%20target%3D%22_blank%22%3E%40Uwaiz80%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20solved%20the%20outlook%20frequently%20disconnection%20and%20keep%20asking%20password.%20I%20have%20use%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fkb.intermedia.net%2FContents%2F39713%2FAutodiscoverFix.zip%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAutodiscoverFix.reg%3C%2FA%3E%26nbsp%3B%20registry%20key%20and%20it%20works%20for%20me.%26nbsp%3B%3C%2FP%3E%3CP%3Ethis%20article%20may%20help%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fkb.intermedia.net%2Farticle%2F39713%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fkb.intermedia.net%2Farticle%2F39713%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ebut%20still%20cloud%20users%20can't%20access%20on%20prem%20OWA%2C%20but%20this%20is%20not%20important%20for%20me.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2964347%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2964347%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%26nbsp%3B%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F164282%22%20target%3D%22_blank%22%3E%40Lukas%20Sassl%3C%2FA%3E%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20my%20case%20it%20was%20AMSI%20integration%20with%20AV%20was%20causing%20the%20issue.%20Disabled%20it%20for%20now%20.%3C%2FP%3E%3CP%3EWaiting%20for%20their%20update.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F167992%22%20target%3D%22_blank%22%3E%40Abdou%20Elmoslemany%3C%2FA%3E%26nbsp%3B%20Glad%20to%20know%20it%20solved%20the%20issue.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2948210%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2948210%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F540062%22%20target%3D%22_blank%22%3E%40nPillai%3C%2FA%3E%26nbsp%3B%3CEM%3EServers%20which%20are%20not%20updated%20are%20vulnerable%3C%2FEM%3E.%20While%20it%20is%20reasonable%20to%20assume%20that%20if%20a%20server%20is%20not%20accessible%20(does%20it%20not%20host%20any%20mailboxes%3F)%2C%20it%20cannot%20be%20attacked%20directly%2C%20it%20is%20important%20to%20understand%20the%20totality%20of%20your%20environment%20(and%20only%20you%20can%20do%20this).%20For%20example%20-%20a%20vulnerability%20could%20also%20be%20used%20from%20the%20inside%20of%20the%20network%20(and%20not%20just%20from%20the%20Internet)%20to%20possibly%20gain%20elevation.%20I%20have%20no%20clue%20if%20that%20even%20applies%20to%20your%20environment%2C%20of%20course.%20This%20is%20why%20we%20say%2C%20please%20update%20immediately.%20Unless%20updates%20are%20installed%2C%20there%20is%20a%20possibility%20as%20vulnerability%20is%20still%20present.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2965042%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2965042%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F164282%22%20target%3D%22_blank%22%3E%40Lukas%20Sassl%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20Update%20on%20the%20below%3F%3C%2FP%3E%3CUL%3E%3CLI%3E11%2F11%3A%20Added%20a%20known%20issue%20with%20OWA%20redirect%20for%20hybrid%20customers%26nbsp%3B%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOn%20Prem%20User%20trying%20to%20access%20a%20Exchnage%20online%20Calender%20which%20they%20had%20access%20not%26nbsp%3B%20working%20now%3F%20is%20it%20related%20to%20this%20patch%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2965074%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2965074%22%20slang%3D%22en-US%22%3E%3CP%3EAny%20update%20on%20the%20OWA%20issue%20regarding%26nbsp%3BSet-MailboxMessageConfiguration%3F%20See%20our%20issue%20here%3A%20%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Foffice-docs-powershell%2Fissues%2F8537%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2FMicrosoftDocs%2Foffice-docs-powershell%2Fissues%2F8537%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2965163%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2965163%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22NK_361170_0-1636975275023.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F327033i95321C662676571C%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22NK_361170_0-1636975275023.png%22%20alt%3D%22NK_361170_0-1636975275023.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F324116%22%20target%3D%22_blank%22%3E%40The_Exchange_Team%3C%2FA%3E%26nbsp%3B%20Nino%20Bilic%20Any%20Update%20on%20this%20%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2933169%22%20slang%3D%22en-US%22%3EReleased%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2933169%22%20slang%3D%22en-US%22%3E%3CP%3EMicrosoft%20has%20released%20security%20updates%20for%20vulnerabilities%20found%20in%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EExchange%20Server%202013%3C%2FLI%3E%0A%3CLI%3EExchange%20Server%202016%3C%2FLI%3E%0A%3CLI%3EExchange%20Server%202019%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EThese%20updates%20are%20available%20for%20the%20following%20specific%20builds%20of%20Exchange%20Server%3A%3C%2FP%3E%0A%3CP%20style%3D%22background%3A%20%23F0F0F0%3B%20padding%3A%20.5em%3B%20margin%3A%201em%200%201em%200%3B%22%3E%3CSTRONG%3EIMPORTANT%3A%3C%2FSTRONG%3E%26nbsp%3BIf%20manually%20installing%20security%20updates%2C%20you%26nbsp%3B%3CFONT%20color%3D%22%23FF0000%22%3E%3CEM%3Emust%3C%2FEM%3E%26nbsp%3B%3C%2FFONT%3Einstall%20.msp%20from%20elevated%20command%20prompt%20(see%20Known%20Issues%20in%20update%20KB%20article).%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EExchange%20Server%202013%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fdownload%2Fdetails.aspx%3FfamilyID%3D8ef4e237-7007-4e30-9525-75ae6e66bb41%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECU23%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%3EExchange%20Server%202016%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fdownload%2Fdetails.aspx%3FfamilyID%3Dde4b96e0-8d0e-4830-8354-7ed2128e6f82%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECU21%3C%2FA%3E%20and%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fdownload%2Fdetails.aspx%3FfamilyID%3D688b79c6-7e43-4332-848d-47e88f60818c%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECU22%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%3EExchange%20Server%202019%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fdownload%2Fdetails.aspx%3FfamilyID%3D1c42658f-9d60-4afb-a6c6-e35594b17d39%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECU10%3C%2FA%3E%20and%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fdownload%2Fdetails.aspx%3FfamilyID%3Dcd28ac6e-eb6f-4747-b9f0-24785b08a012%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECU11%3C%2FA%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EThe%20November%202021%20security%20updates%20for%20Exchange%20Server%20address%20vulnerabilities%20reported%20by%20security%20partners%20and%20found%20through%20Microsoft%E2%80%99s%20internal%20processes.%20We%20are%20aware%20of%20limited%20targeted%20attacks%20in%20the%20wild%20using%20one%20of%20vulnerabilities%20(%3CA%20href%3D%22https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-42321%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ECVE-2021-42321%3C%2FA%3E)%2C%20which%20is%20a%20%3CEM%3Epost-authentication%3C%2FEM%3E%20vulnerability%20in%20Exchange%202016%20and%202019.%20Our%20recommendation%20is%20to%20install%20these%20updates%20%3CEM%3Eimmediately%3C%2FEM%3E%20to%20protect%20your%20environment.%3C%2FP%3E%0A%3CP%3EThese%20vulnerabilities%20affect%20on-premises%20Microsoft%20Exchange%20Server%2C%20including%20servers%20used%20by%20customers%20in%20Exchange%20Hybrid%20mode.%20Exchange%20Online%20customers%20are%20already%20protected%20and%20do%20not%20need%20to%20take%20any%20action.%3C%2FP%3E%0A%3CP%3EMore%20details%20about%20specific%20CVEs%20can%20be%20found%20in%20%3CA%20href%3D%22https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ESecurity%20Update%20Guide%3C%2FA%3E%20(filter%20on%20Exchange%20Server%20under%20Product%20Family).%3C%2FP%3E%0A%3CH1%20id%3D%22toc-hId-1499882956%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%20id%3D%22toc-hId-1500812335%22%3EUpdate%20installation%3C%2FH1%3E%0A%3CP%3ETwo%20update%20paths%20are%20available%3A%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-center%22%20image-alt%3D%22Nov2021SUpath.jpg%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F325599iF5B5D418BB2C1A1D%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Nov2021SUpath.jpg%22%20alt%3D%22Nov2021SUpath.jpg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CH2%20id%3D%22toc-hId--2104522866%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%20id%3D%22toc-hId--2103593487%22%3EInventory%20your%20Exchange%20Servers%20%2F%20determine%20which%20updates%20are%20needed%3C%2FH2%3E%0A%3CP%3EUse%20the%20%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FExchangeHealthChecker%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EExchange%20Server%20Health%20Checker%20script%3C%2FA%3E%20(use%20the%20latest%20release)%20to%20inventory%20your%20servers.%20Running%20this%20script%20will%20tell%20you%20if%20any%20of%20your%20Exchange%20Servers%20are%20behind%20on%20updates%20(CUs%20and%20SUs).%3C%2FP%3E%0A%3CH2%20id%3D%22toc-hId-382989967%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%20id%3D%22toc-hId-383919346%22%3EUpdate%20to%20the%20latest%20Cumulative%20Update%3C%2FH2%3E%0A%3CP%3EGo%20to%20%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FExchangeUpdateWizard%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2FExchangeUpdateWizard%3C%2FA%3E%20and%20choose%20your%20currently%20running%20CU%20and%20your%20target%20CU%20to%20get%20directions%20for%20your%20environment.%3C%2FP%3E%0A%3CH2%20id%3D%22toc-hId--1424464496%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%20id%3D%22toc-hId--1423535117%22%3EIf%20you%20encounter%20errors%20during%20or%20after%20installation%20of%20Exchange%20Server%20updates%3C%2FH2%3E%0A%3CP%3EIf%20you%20encounter%20errors%20during%20installation%2C%20see%20the%20%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FExSetupAssist%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ESetupAssist%20script%3C%2FA%3E.%20If%20something%20does%20not%20work%20properly%20after%20updates%2C%20see%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Ftroubleshoot%2Fclient-connectivity%2Fexchange-security-update-issues%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ERepair%20failed%20installations%20of%20Exchange%20Cumulative%20and%20Security%20updates%3C%2FA%3E.%3C%2FP%3E%0A%3CH2%20style%3D%22font-family%3A%20SegoeUI%2C%20Lato%2C%20'Helvetica%20Neue'%2C%20Helvetica%2C%20Arial%2C%20sans-serif%3B%20color%3A%20%23333333%3B%22%20id%3D%22toc-hId-1063048337%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%20id%3D%22toc-hId-1063977716%22%3EKnown%20issues%20with%20update%3C%2FH2%3E%0A%3CUL%3E%0A%3CLI%20style%3D%22font-family%3A%20SegoeUI%2C%20Lato%2C%20'Helvetica%20Neue'%2C%20Helvetica%2C%20Arial%2C%20sans-serif%3B%20line-height%3A%201.71429%3B%22%3EAfter%20installation%20of%20November%20SUs%20on%20your%20on-premises%20Exchange%20servers%20when%20in%20hybrid%2C%20you%20might%20see%20OWA%20redirection%20URL%20for%20hybrid%20users%20provide%20an%20incorrectly%20encoded%20URL%2C%20causing%20the%20redirect%20to%20fail%20with%20the%20%22Something%20went%20wrong%22%20error.%20We%20are%20still%20investigating%20this%20issue.%20As%20a%20workaround%2C%20please%20direct%20users%20to%20go%20to%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Foutlook.office.com%2Fowa%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Foutlook.office.com%2Fowa%2F%3C%2FA%3E%26nbsp%3Bdirectly.%3C%2FLI%3E%0A%3CLI%20style%3D%22font-family%3A%20SegoeUI%2C%20Lato%2C%20'Helvetica%20Neue'%2C%20Helvetica%2C%20Arial%2C%20sans-serif%3B%20line-height%3A%201.71429%3B%22%3EEmail%20clients%20might%20see%20repeated%20password%20prompts%20after%20the%20installation%20of%20Windows%20November%20Security%20Updates%26nbsp%3Bare%20installed%20on%20Domain%20Controllers%20(and%20as%20a%20result%2C%20certain%20Kerberos%20delegation%20scenarios%20stop%20working).%20The%20Windows%20team%20has%20now%20released%20an%20OOB%20(Out%20of%20Band)%20update%20that%20resolves%20this.%20Please%20see%20updates%20%3CA%20href%3D%22https%3A%2F%2Fwww.catalog.update.microsoft.com%2FSearch.aspx%3Fq%3D5008602%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E5008602%3C%2FA%3E%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.catalog.update.microsoft.com%2FSearch.aspx%3Fq%3D5008601%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E5008601%3C%2FA%3E%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.catalog.update.microsoft.com%2FSearch.aspx%3Fq%3D5008603%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E5008603%3C%2FA%3E%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.catalog.update.microsoft.com%2FSearch.aspx%3Fq%3D5008604%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E5008604%3C%2FA%3E%2C%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.catalog.update.microsoft.com%2FSearch.aspx%3Fq%3D5008605%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3E5008605%3C%2FA%3E%20(OS%20specific).%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CH1%20id%3D%22toc-hId-1052545233%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%20id%3D%22toc-hId-1053474612%22%3EFAQs%3C%2FH1%3E%0A%3CP%3E%3CSTRONG%3E%3CEM%3EWe%20installed%20November%202021%20SU%20on%20our%20Exchange%202016%2F2019%20servers.%20Is%20there%20something%20that%20we%20can%20check%20to%20see%20if%20exploit%20was%20attempted%20on%20our%20servers%20before%20the%20fix%20for%20CVE-2021-42321%20was%20put%20in%20place%3F%3C%2FEM%3E%3C%2FSTRONG%3E%3CBR%20%2F%3ERun%20the%20following%20(updated)%20PowerShell%20query%20on%20your%20Exchange%20server%20to%20check%20for%20specific%20events%20in%20the%20Event%20Log%3A%3C%2FP%3E%0A%3CP%20class%3D%22code%22%3EGet-WinEvent%20-FilterHashtable%20%40%7B%20LogName%3D'Application'%3B%20ProviderName%3D'MSExchange%20Common'%3B%20Level%3D2%20%7D%20%7C%20Where-Object%20%7B%20%24_.Message%20-like%20%22*BinaryFormatter.Deserialize*%22%20%7D%3C%2FP%3E%0A%3CP%3EIf%20events%20are%20found%2C%20please%20work%20with%20your%20Security%20Response%20team%20to%20analyze%20the%20server%20further.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%3CEM%3EDid%20Microsoft%20release%20a%20CVE-2021-42321%20mitigation%20via%20either%20Exchange%20Server%20Emergency%20Mitigation%20Service%20or%20the%20stand-alone%20EOMT%20tool%3F%3CBR%20%2F%3E%3C%2FEM%3E%3C%2FSTRONG%3EWe%20have%20not%20released%20mitigations%20for%20this%20vulnerability.%20Please%20update%20your%20servers%20to%20resolve%20the%20vulnerability.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%3CEM%3EWill%20Microsoft%20be%20releasing%20November%202021%20SUs%20for%20older%20(unsupported)%20versions%20of%20Exchange%20CUs%3F%3CBR%20%2F%3E%3C%2FEM%3E%3C%2FSTRONG%3ENo.%20Please%20update%20to%20one%20of%20the%20supported%20CUs%20to%20be%20able%20to%20install%20November%20SUs.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%3CEM%3EMy%20organization%20is%20in%20Hybrid%20mode%20with%20Exchange%20Online.%20Do%20I%20need%20to%20do%20anything%3F%3C%2FEM%3E%3C%2FSTRONG%3E%3CBR%20%2F%3EWhile%20Exchange%20Online%20customers%20are%20already%20protected%2C%20the%20November%202021%20security%20updates%20do%20need%20to%20be%20applied%20to%20your%20on-premises%20Exchange%20Servers%2C%20even%20if%20they%20are%20used%20only%20for%20management%20purposes.%20You%20do%20%3CEM%3Enot%3C%2FEM%3E%20need%20to%20re-run%20the%20Hybrid%20Configuration%20Wizard%20(HCW)%20after%20applying%20updates.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3E%3CEM%3EDo%20I%20need%20to%20install%20the%20updates%20on%20%E2%80%98Exchange%20Management%20Tools%20only%E2%80%99%20workstations%3F%3CBR%20%2F%3E%3C%2FEM%3E%3C%2FSTRONG%3EServers%20or%20workstations%20running%20only%20Microsoft%20Exchange%20Management%20Tools%20(no%20Exchange%20services)%20do%20not%20need%20to%20apply%20these%20updates.%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EUpdates%20to%20this%20blog%20post%3A%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E11%2F15%3A%20Added%20a%20known%20issue%20with%20November%20security%20update%20on%20Windows%20domain%20controllers%2C%20and%20solution%3C%2FLI%3E%0A%3CLI%3E11%2F11%3A%20Added%20a%20known%20issue%20with%20OWA%20redirect%20for%20hybrid%20customers%3C%2FLI%3E%0A%3CLI%3E11%2F10%3A%20Added%20a%20FAQ%20about%20mitigations%3C%2FLI%3E%0A%3CLI%3E11%2F10%3A%20Changed%20the%20PowerShell%20query%20for%20event%20searches%20from%20an%20older%26nbsp%3BGet-EventLog%20to%20a%20newer%20and%20more%20performant%26nbsp%3BGet-WinEvent.%3C%2FLI%3E%0A%3CLI%3E11%2F10%3A%20Changed%20the%20known%20issue%20wording%20to%20indicate%20that%20WSUS%20issue%20related%20to%20installation%20of%20Exchange%202013%20November%20SU%20has%20now%20been%20resolved.%20If%20you%20use%20WSUS%2C%20please%20download%20the%20updated%20WSUS%20cab%20file.%3C%2FLI%3E%0A%3CLI%3E11%2F9%3A%20When%20this%20post%20got%20originally%20published%2C%20we%20incorrectly%20mentioned%20that%20Microsoft%20Update%20(MU)%20installation%20could%20lead%20to%20an%20error%20when%20Exchange%202013%20SU%20was%20installed.%20This%20has%20now%20been%20corrected%20to%20mention%26nbsp%3BWindows%20Server%20Update%20Services%20(WSUS)%20instead%20(which%20is%20where%20the%20problem%20is.)%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSPAN%20class%3D%22author%22%3EThe%20Exchange%20Team%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-2933169%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20releasing%20a%20set%20of%20security%20updates%20for%20Exchange%20Server%202013%2C%202016%20and%202019.%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2933169%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAnnouncements%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%202013%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%202016%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%202019%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2965809%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2965809%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F548658%22%20target%3D%22_blank%22%3E%40PrayingMoses%3C%2FA%3E%26nbsp%3BFYI%2C%20I%20have%20just%20updated%20the%20blog%20post%20to%20mention%20a%20Windows%20related%20issue%20that%20happens%20when%20November%20updates%20are%20installed%20on%20Windows%20Domain%20Controllers.%20Basically%20-%20certain%20Kerberos%20delegation%20scenarios%20are%20broken.%20The%20note%20(under%20Known%20issues%20in%20the%20blog)%20has%20links%20to%20the%20Windows%20OOF%20fix%20that%20was%20released%20yesterday.%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1032238%22%20target%3D%22_blank%22%3E%40NK_361170%3C%2FA%3E%26nbsp%3BWe%20know%20the%20root%20cause%20of%20this%20problem%20and%20the%20only%20workaround%20as%20of%20now%20is%20to%20use%20the%20URL%20for%20OWA%20directly.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2965834%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2965834%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1216565%22%20target%3D%22_blank%22%3E%40JosephTodaro%3C%2FA%3E%26nbsp%3BNo%20results%20%3D%20good%20(no%20events%20found)%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2965112%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2965112%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F164282%22%20target%3D%22_blank%22%3E%40Lukas%20Sassl%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnything%20about%20this%3F%3C%2FP%3E%3CP%3EExchange%20server%202013%20CU23%20with%20hybrid%20office%20365%2C%20after%20installing%20this%20update%2C%20like%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F167992%22%20target%3D%22_blank%22%3E%40Abdou%20Elmoslemany%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3ETest1%3A%3CBR%20%2F%3Egoing%20to%20%3CA%20href%3D%22https%3A%2F%2Flocalhost%2Fecp%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Flocalhost%2Fecp%3C%2FA%3E%20in%20a%20%3CSTRONG%3Enew%20browser%20session%20fails%3C%2FSTRONG%3E%3A%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22PrayingMoses_0-1636973237385.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F327029i3797DD8DD057E6C0%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22PrayingMoses_0-1636973237385.png%22%20alt%3D%22PrayingMoses_0-1636973237385.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CBR%20%2F%3ETest2%3A%3CBR%20%2F%3Egoing%20to%20%3CA%20href%3D%22https%3A%2F%2Flocalhost%2Fecp%2F%3FExchClientVer%3D15%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Flocalhost%2Fecp%2F%3FExchClientVer%3D15%3C%2FA%3E%20in%20a%20%3CSTRONG%3Enew%20browser%20session%20works%3C%2FSTRONG%3E%3A%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22PrayingMoses_1-1636973274836.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F327030i29F1E478D3EA8054%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22PrayingMoses_1-1636973274836.png%22%20alt%3D%22PrayingMoses_1-1636973274836.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CBR%20%2F%3ETest3%3A%3CBR%20%2F%3Egoing%20to%20%3CA%20href%3D%22https%3A%2F%2Flocalhost%2Fecp%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Flocalhost%2Fecp%3C%2FA%3E%20in%20the%20%3CSTRONG%3Esame%20browser%20session%20from%20Test2%20works%3C%2FSTRONG%3E%3A%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22PrayingMoses_2-1636973330400.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F327031iD203EA9D2D63F7DA%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22PrayingMoses_2-1636973330400.png%22%20alt%3D%22PrayingMoses_2-1636973330400.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOWA%20also%20raises%20%22External%20component%20has%20thrown%20an%20exception.%22%20(Errors%20are%20also%20logged%20to%26nbsp%3BLogging%5CMonitoring%5COWA%5CClientAccessProbe)%3C%2FP%3E%3CP%3EAre%20there%20possibly%20some%20known%20issues%20and%2For%20relations%20to%20the%20authentication%20used%2Fconfigured%3F%20(e.g%26nbsp%3BKerberos%20authentication%20for%20load-balanced%20Client%20Access%20services)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%3C%2FP%3E%3CP%3EA.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2966176%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2966176%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F5374%22%20target%3D%22_blank%22%3E%40Nino%20Bilic%3C%2FA%3E%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F324116%22%20target%3D%22_blank%22%3E%40The_Exchange_Team%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EOn%20Prem%20User%20trying%20to%20access%20a%20Exchnage%20online%20Calender%20which%20they%20had%20access%20previously%20not%26nbsp%3B%20working%20now%3F%20its%20asking%20for%20credenatial%20of%20that%20user%2C%20is%20it%20related%20to%20this%20patch%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EExchnage%202016%20CU21%20November%20Security%20Update%20and%20Exchnage%202019%20CU10%20November%20Security%20Update%20(Hybrid%20Server)%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2966302%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2966302%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1032238%22%20target%3D%22_blank%22%3E%40NK_361170%3C%2FA%3E%26nbsp%3BAt%20this%20time%2C%20not%20aware%20of%20that%20in%20particular%20being%20universally%20broken%20after%20November%20security%20updates.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2966852%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2966852%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20started%20with%202016%20CU19%20on%20our%20on-prem%20server%20and%20we%20successfully%20installed%20CU22%20before%20trying%20to%20install%20this%20security%20update.%20Unfortunately%2C%20we're%20getting%20a%20version%20mismatch%20error%20and%20the%20update%20won't%20install.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Dan_Fawcett_0-1637002574750.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F327113iE013A936C0A0D6D4%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Dan_Fawcett_0-1637002574750.png%22%20alt%3D%22Dan_Fawcett_0-1637002574750.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnyone%20else%20encountered%20this%20issue%20and%20have%20a%20suggestion%20for%20how%20to%20get%20this%20update%20installed%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2967089%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2967089%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1219240%22%20target%3D%22_blank%22%3E%40Dan_Fawcett%3C%2FA%3E%26nbsp%3BPlease%20make%20sure%20that%20you%20have%20the%20right%20version%20of%20the%20SU%20for%20the%20CU%20you%20have%20installed!%20See%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fexchange%2Ftroubleshoot%2Fclient-connectivity%2Fexchange-security-update-issues%23upgrade-patch-cant-be-installed%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Ethis%3C%2FA%3E.%20Also%2C%20please%20check%20the%20SetupAssist%20script.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2967235%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2967235%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F5374%22%20target%3D%22_blank%22%3E%40Nino%20Bilic%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThat%20was%20the%20first%20thing%20we%20checked.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20is%20the%20version%20on%20the%20Server%3C%2FP%3E%3CP%3EVersion%3A%20Exchange%202016%20CU22%3CBR%20%2F%3EBuild%20Number%3A%2015.01.2375.007%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20is%20the%20update%20I'm%20trying%20to%20install%20as%20its%20the%20only%20CU22%20update%20that%20is%20available.%3CBR%20%2F%3ESecurity%20Update%20for%20Exchange%20Server%202016%20Cumulative%20Update%2022%20(KB5007409)%2015.1.2375.17%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20there%20is%20a%20slight%20mismatch%20between%20the%20numbers%20as%20one%20is%20.007%20and%20the%20other%20is%20.17%20.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2947948%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2947948%22%20slang%3D%22en-US%22%3E%3CP%3EWhat%20about%20Servers%20which%20are%20not%20public%20facing%2C%20are%20they%20vulnerable%20this%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2948393%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2948393%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F164282%22%20target%3D%22_blank%22%3E%40Lukas%20Sassl%3C%2FA%3E%26nbsp%3Bthank%20you!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2955151%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2955151%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F550607%22%20target%3D%22_blank%22%3E%401990%3C%2FA%3E%26nbsp%3BYes%2C%20our%20security%20updates%20are%20cumulative.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2974095%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2974095%22%20slang%3D%22en-US%22%3E%3CP%3EYesterday%20(Nov%2016)%20the%20description%20of%20CVE-2021-42321%20was%20updated%20and%20now%20it%20includes%20update%20for%20Exchange%20Server%202013%20as%20well.%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-42321%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmsrc.microsoft.com%2Fupdate-guide%2Fvulnerability%2FCVE-2021-42321%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20the%20above%20statement%20that%20CVE-2021-42321%20affects%20only%202016%2F2019%20still%20valid%20or%20is%20version%202013%20also%20affected%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2974634%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2974634%22%20slang%3D%22en-US%22%3E%3CP%3EOne%20day%20after%20the%20SU%20appeared%20on%20November%209th%2C%20we%20installed%20the%20update%20on%20our%20Exchange%202013%20servers.%20We%20have%20now%20received%20feedback%20from%20some%20users%20that%20e-mails%20are%20no%20longer%20automatically%20updated%20in%20the%20OWA.%20I%20can%20simulate%20the%20behavior%20with%20different%20browsers%20and%20users.%20The%20new%20objects%20in%20the%20inbox%20are%20only%20displayed%20in%20the%20OWA%20after%20a%20manual%20reload%20of%20the%20website.%20Can%20someone%20confirm%20the%20behavior%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2975242%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2975242%22%20slang%3D%22en-US%22%3E%3CP%3EAny%20update%20on%20this%3F%20Thanks.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fexchange-team-blog%2Freleased-november-2021-exchange-server-security-updates%2Fbc-p%2F2965074%2Fhighlight%2Ftrue%23M31712%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fexchange-team-blog%2Freleased-november-2021-exchange-server-security-updates%2Fbc-p%2F2965074%2Fhighlight%2Ftrue%23M31712%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2975298%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2975298%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1221225%22%20target%3D%22_blank%22%3E%40OndrejHolas%3C%2FA%3E%26nbsp%3BSorry%20about%20that%3B%20that%20was%20a%20mistake%20and%20is%20in%20the%20process%20of%20being%20corrected%3B%20Exchange%202013%20is%20%3CEM%3Enot%3C%2FEM%3E%20impacted%20by%26nbsp%3BCVE-2021-42321.%3C%2FP%3E%0A%3CP%3EEDIT%3A%20now%20corrected.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2975320%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2975320%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F734740%22%20target%3D%22_blank%22%3E%40SolomonIsaacson%3C%2FA%3E%26nbsp%3B-%20as%20we%20said%2C%20we%20are%20aware%20of%20OWA%20redirection%20URLs%20not%20working%20properly%3B%20the%20workaround%20(for%20now)%20is%20to%20use%20direct%20cloud%20OWA%20URLs.%20Now%2C%20as%20far%20as%20authentication%20is%20concerned%20-%20please%20see%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2Foutlook-and-mobile-clients-don-t-authenticate-after-november-2021-fixes-for-windows-installed-26ec6b81-d5b4-44b1-9c86-eb55ab174bf9%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EOutlook%20and%20mobile%20clients%20don%E2%80%99t%20authenticate%20after%20November%202021%20fixes%20for%20Windows%20installed%20(microsoft.com)%3C%2FA%3E%26nbsp%3Bbecause%20there%20has%20also%20been%20a%20regression%20in%20one%20of%20the%20Windows%20November%20security%20updates%20that%20broke%20Kerberos%20delegation%20after%20installation%20on%20DCs.%20There%20is%20an%20OOB%20fix%20available.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2978003%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2978003%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F5374%22%20target%3D%22_blank%22%3E%40Nino%20Bilic%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22%22%3E%3CSPAN%20class%3D%22%22%3E%3CSPAN%3EWe%20are%20with%20this%20same%20behavior%20in%20the%20redirect.%3C%2FSPAN%3E%3C%2FSPAN%3E%20%3CSPAN%20class%3D%22%22%3E%3CSPAN%3EDoes%20Microsoft%20have%20a%20forecast%20for%20the%20fix%3F%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2978022%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2978022%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F158489%22%20target%3D%22_blank%22%3E%40Marco%20Antonio%20da%20Silva%3C%2FA%3E%26nbsp%3BSorry%20we%20have%20nothing%20new%20to%20share%3B%20we%20are%20still%20working%20on%20this%20problem%20and%20will%20update%20the%20blog%20post%20if%20%2F%20when%20we%20get%20something%20new.%20I'll%20tag%20everyone%20here%20who%20mentioned%20having%20this%20problem.%20For%20now%2C%20though%2C%20the%20only%20workaround%20we%20have%20is%20to%20use%20the%20direct%20OWA%20URL%20for%20Exchange%20Online.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2978026%22%20slang%3D%22en-US%22%3ERe%3A%20Released%3A%20November%202021%20Exchange%20Server%20Security%20Updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2978026%22%20slang%3D%22en-US%22%3E%3CP%3EThank%20you%20for%20reply%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F5374%22%20target%3D%22_blank%22%3E%40Nino%20Bilic%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22%22%3E%3CSPAN%20class%3D%22%22%3E%3CSPAN%3EWe%20will%20wait%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Co-Authors
Version history
Last update:
‎Nov 24 2021 01:06 PM
Updated by: