The estimated reading time 1 minutes
Today a new exchange update KB5008631 for all supported versions of exchange was released. See the original link to Exchange Team blog:
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-january-2022-exchange-server-security-updates/ba-p/3050699
Here are the links to download manually:
They say there are some vulnerabilities but no exploit, so there is not that much pressure to install this update. Anyway you should install it as soon as possible.
If you have a look on the CVE it is also an Remote Code Execution Vulnerability, but it can not simply be done from the internet.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21969
Exchange HealthChecker also got an update so it can warn if the January Update is missing. Just use this small tool.
https://microsoft.github.io/CSS-Exchange/Diagnostics/HealthChecker/
If you don’t want to wait for windows update and want to install the security patch manually, use the elevated command prompt.
Have a look on FAQs maybe there are some important information:
Happy patching.
