Microsoft Exchange team releases Exchange Server Security Updates (SUs) when vulnerabilities are discovered. You don't…
Microsoft released Cumulative Update 19 for Exchange Server 2016 (KB4588884) on December 15, 2020. Also known as Exchange Server 2016 CU19. This cumulative update includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues. These fixes will also be included in later cumulative updates for Exchange Server 2016. This update also resolves vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142, CVE-2020-17143.
How to update Exchange Server 2016 to CU19?
It’s recommended to update the Exchange Server in the lab environment before updating it in the production environment.
- Download Cumulative Update CU19 for Exchange Server 2016 (KB4588884)
- Update to Microsoft .NET Framework 4.8
- Install Cumulative Update Exchange 2016
Cumulative Update CU19 for Exchange Server 2016 is released as version 15.01.2176.002. Which version are you running now? Read more on how to find your Exchange version build number.
Known issues in Cumulative Update 19
In multidomain Active Directory forests in which Exchange is installed or has been prepared previously by using the /PrepareDomain option in Setup, this action must be completed after the /PrepareAD command for this cumulative update has been completed and the changes are replicated to all domains. Setup will try to run the /PrepareAD command during the first server installation. Installation will finish only if the user who initiated Setup has the appropriate permissions.
Issues fixed in Cumulative Update 19
This cumulative update fixes the issues that are described in the following Microsoft Knowledge Base articles:
- 4588297 Attachments can’t be downloaded or previewed from Outlook Web App
- 4583531 Design change about inline images will be forced to download but not open in a new tab of OWA in Exchange Server 2016
- 4583532 ELC MRM archiving fails due to DomainName in AuthServer in Exchange Server 2016
- 4583533 Exchange Server 2016 installation fails with error “The user has insufficient access rights”
- 4583534 Event ID 65535 System.Runtime.Serialization errors in Application log in Exchange Server 2016
- 4583535 New-Moverequest, Resume-Moverequest, and Remove-Moverequest not logged in Audit logs in Exchange Server 2016
- 4583536 Set-MailboxFolderPermission is included in Mail Recipient Creation in Exchange Server 2016
- 4583537 Update Korean word breaker in Exchange Server 2016
- 4583538 Microsoft Teams REST calls exceed the default value of maxQueryStringLength in Exchange Server 2016
- 4583539 Non-breaking space is visible in message body in Outlook in Exchange Server 2016
- 4583545 Make DomainName in Authserver a multivalued parameter in Exchange Server 2016
- 4593465 Description of the security update for Microsoft Exchange Server 2019 and 2016: December 8, 2020