The estimated reading time 1 minutes

Today a new exchange update KB5008631 for all supported versions of exchange was released. See the original link to Exchange Team blog:
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-january-2022-exchange-server-security-updates/ba-p/3050699

Here are the links to download manually:

  • Exchange Server 2013 CU23
  • Exchange Server 2016 CU21 and CU22
  • Exchange Server 2019 CU10 and CU11

They say there are some vulnerabilities but no exploit, so there is not that much pressure to install this update. Anyway you should install it as soon as possible.

If you have a look on the CVE it is also an Remote Code Execution Vulnerability, but it can not simply be done from the internet.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21969

Exchange HealthChecker also got an update so it can warn if the January Update is missing. Just use this small tool.

https://microsoft.github.io/CSS-Exchange/Diagnostics/HealthChecker/

If you don’t want to wait for windows update and want to install the security patch manually, use the elevated command prompt.

Have a look on FAQs maybe there are some important information:

Happy patching.

Print Friendly, PDF & Email
  • Was this Helpful ?
  • yes   no