On June 13, 2023 Microsoft has released Security Updates for:

• Exchange 2019 CU13
• Exchange 2019 CU12
• Exchange 2016 CU23

There are no Security Updates released for older versions of Exchange 2016 and Exchange 2019, these are the only supported versions. There are also no Security Updates for Exchange 2013 since this is completely out-of-support. If you are still running on Exchange 2013 you must seriously consider upgrading to Exchange 2019 or Exchange Online.

The following vulnerabilities are addressed with these Security Updates:

Vulnerability	Impact	Severity
CVE-2023-28310	Remote Code Execution	Important
CVE-2023-32031	Remote Code Execution	Important

More information regarding CVE’s can be found in the Security Update Guide.

The Security Update downloads en knowledgebase articles can be found here:

Exchange version	Download	KB article
Exchange 2019 CU13	https://www.microsoft.com/en-us/download/details.aspx?id=105280	KB5026261
Exchange 2019 CU12	https://www.microsoft.com/en-us/download/details.aspx?id=105281	KB5026261
Exchange 2016 CU23	https://www.microsoft.com/en-us/download/details.aspx?id=105282	KB5025903

Some remarks about these Security Updates:

• When possible, try to run the latest Cumulative Update for Exchange 2016 or Exchange 2019.
• Exchange Security Updates are cumulative, so a Security Update contains all fixes that were released in earlier Security Updates (for a specific Exchange Cumulative Update).
• Exchange Security Updates are specific for an Exchange Cumulative Update, so you cannot install an Exchange Security Update for Exchange 2019 CU13 on an Exchange 2019 CU12 server.
• Security Updates must be installed on hybrid servers as well, even if there are no mailboxes anymore on these hybrid servers.
• If you have a management server with only the Exchange server management tools installed, you must install Security Updates as well.
• Of course, test Security Updates in a test environment first.
• Use the Microsoft Exchange Healthchecker script (https://microsoft.github.io/CSS-Exchange/Diagnostics/HealthChecker/) to check the status of your Exchange server and if additional actions are needed.