Exchange Server Cumulative Updates (CUs) are comprehensive packages that Microsoft releases regularly to provide updates, fixes, and improvements for Microsoft Exchange Server. These updates encompass a collection of previously released updates, security fixes, and various enhancements to the Exchange Server software.
Key aspects of Cumulative Updates for Exchange Server include:
- Aggregated Updates: CUs accumulate all the updates and improvements from previous releases. Instead of individually installing numerous updates, administrators can apply a CU to bring their Exchange Server to a more current state.
- Security Fixes: CUs often address security vulnerabilities discovered in the Exchange Server software. Installing the latest CU ensures that the server benefits from the most recent security enhancements.
- Feature Enhancements: Microsoft may introduce new features, functionalities, or improvements to existing features with each cumulative update. This allows organizations to stay current with the latest capabilities.
- Bug Fixes: Cumulative Updates address known issues and bugs reported by users. Applying the latest CU can resolve these issues and enhance the overall stability and performance of Exchange Server.
- Simplified Updating Process: CUs simplify the updating process by consolidating multiple updates into a single package. This streamlines the update deployment process for administrators.
It’s essential for organizations using Exchange Server to regularly review and consider applying the latest Cumulative Updates. However, before performing any updates, thorough testing in a lab environment is recommended to ensure compatibility with specific organizational configurations and requirements. Always refer to Microsoft’s official documentation for guidance on installing and managing Cumulative Updates for Exchange Server.
On February 13, 2024, Microsoft rolled out Cumulative Update 14 (KB5035606) for Exchange Server 2019, also recognized as Exchange Server 2019 CU14. This update encompasses fixes for both security and nonsecurity issues, ensuring comprehensive resolution. To seamlessly update to CU14, it is advisable to perform the process initially in a lab environment. The necessary steps involve :
- Downloading CU14 (KB5020999)
- Updating to Microsoft .NET Framework 4.8. (If its already installed, you will receive a message that its already installed on your server).
- Then proceeding with the installation of Exchange Cumulative Update.
Note that CU14 for Exchange Server 2019 is designated as version 15.02.1544.004.
Enhancements in Cumulative Update 14 include:
- Updated daylight saving time (DST) protocols for Exchange Server 2019. Refer to the Daylight Saving Time Help and Support Center for detailed information.
- Default activation of Extended Protection for Exchange Server 2019. Explore prerequisites for enabling or disabling Extended Protection in Exchange Server by referring to the Configure Windows Extended Protection in Exchange Server documentation.
- Compatibility with .NET Framework 4.8.1 on Microsoft Windows Server 2022.
Vulnerabilities resolved in Cumulative Update 14:
This update mitigates vulnerabilities in Microsoft Exchange Server. To gain insights into these concerns, refer to the associated Common Vulnerabilities and Exposures (CVE):
Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2024-21410
Issues fixed in Cumulative Update 14:
This Cumulative Update fixes the issues that are described in the following Microsoft Knowledge Base articles:
- 5035442 Exchange Mitigation Service does not log incremental updates
- 5035443 Read receipts are returned if ActiveSyncSuppressReadReceipt is “True” in Exchange Server 2019
- 5035444 System.argumentnullexception when you try to run an eDiscovery search
- 5035446 OAB shadow distribution fails if legacy authorization is blocked
- 5035448 MCDB fails and leads to lagged copy activation
- 5035450 Exchange 2019 setup installs a outdated JQuery library
- 5035452 Usernames are not displayed in Event ID 23 and 258
- 5035453 Issues in Exchange or Teams when you try to delegate information
- 5035455 MSExchangeIS stops responding and returns “System.NullReferenceExceptions” multiple times per day
- 5035456 “Deserialization blocked at location HaRpcError” error and Exchange replication stops responding
- 5035493 FIP-FS Proxy Customizations are disabled after a CU or an SU update
- 5035494 Modern attachment doesn’t work when web proxy is used in Exchange Server 2019
- 5035495 OWA displays junk operations even if junk mail reporting is disabled
- 5035497 Edit permissions option in the ECP can’t be edited
- 5035542 Remote equipment and room mailboxes can now be managed through EAC
- 5035616 Logon events failure after updating Windows Server
- 5035617 Transport rules aren’t applied to multipart or alternative messages
- 5035689 “High %Time in GC” and EWS doesn’t respond
Known issues in Cumulative Update 14:
During the execution of /PrepareAD, /PrepareSchema, or /PrepareDomain using Setup.exe, the installer incorrectly indicates that Extended Protection was configured, accompanied by the following error message: Exchange Setup has enabled Extended Protection on all the virtual directories on this machine.
Conclusion
In summary, Exchange Server Cumulative Updates are vital for maintaining Microsoft Exchange Server’s performance. Cumulative Update 14 for Exchange Server 2019, released on February 13, 2024, addresses security and nonsecurity issues while introducing enhancements.
This update streamlines the updating process, providing fixes for vulnerabilities and known issues. The release includes improvements like updated daylight saving time protocols and Extended Protection activation. Organizations are advised to test updates in a lab environment before deployment and consult Microsoft’s official documentation for guidance. Regular updates ensure a secure and optimized Exchange Server environment.
