We have an existing Azure AD Connect synchronization with Microsoft 365 tenant. We did create…
March 2022 Exchange Server Security Updates
Microsoft released several Security Updates (SUs) for Microsoft Exchange Server to address vulnerabilities. Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect the environment.
Note: These vulnerabilities affect Microsoft Exchange Server. Exchange Online is not affected.
Exchange Server Security Updates
Microsoft has released Security Updates for vulnerabilities found in:
- Exchange Server 2013
- Exchange Server 2016
- Exchange Server 2019
These Security Updates are available for the following specific versions of Exchange:
Read more on how to Install Exchange Security Update.
If you are not at these Exchange Server CU versions, please update right now and apply the above patch.
Read more on how to Install Exchange Cumulative Update.
Vulnerabilities addressed in the March 2022 Security Updates were responsibly reported by security partners and found through Microsoft’s internal processes. Although we are not aware of any active exploits in the wild, our recommendation is to install these updates immediately to protect your environment.
FAQs
The last SU that we installed is (a few months old). Do we need to install all SUs in order, to install the latest one?
The Exchange Server Security Updates are cumulative. If you are running the CU that the SU can be installed on, you do not need to install all the SUs in sequential order but can install the latest SU only.
My organization is in Hybrid mode with Exchange Online. Do I need to do anything?
While Exchange Online customers are already protected, the March 2022 security updates do need to be applied to your on-premises Exchange Servers, even if they are used only for management purposes. You do not need to re-run the Hybrid Configuration Wizard (HCW) after applying updates.
Do I need to install the updates on “Exchange Management Tools only” workstations?
Install Security Updates on all Exchange Servers as well as servers or workstations running Exchange Management Tools only, which will ensure that there is no incompatibility between management tools clients and servers.
Further information
What Others Are Reading
Is this update included in the Exchange 2016 CU23? I looked at the list of KB issues that this CU fixes and do not see it.
Yes, all previous Security Updates are included in the Cumulative Update. However, the Cumulative Update KB doesn’t show the SU fixes.
but I get the same issue after installed sec update .. The front-end Microsoft Exchange Transport service stops and doesn’t restart .. please your advice
I have an issue after installing KB5012698 on EX2016CU21
MSExchangeTransport
ID 1019
Failed to start listening (Error: 10048). Binding: 0.0.0.0:2525.
MSExchangeTransport
ID 1036
SmtpReceive
Inbound direct trust authentication failed for certificate %1. The source IP address of the server that tried to authenticate to Microsoft Exchange is [%2]. Make sure EdgeSync is running properly.
It looks like https://learn.microsoft.com/en-us/exchange/troubleshoot/mailflow/front-end-microsoft-exchange-transport-service-stops
but port is different 25 vs 2525. I rolled back for now…
Hello,
Should I install it on my Edge servers?
Thanks
Hi Jerry,
Yes, you should install SUs on Exchange Edge Transport servers.