Exchange security update August 2022 (KB5015322)

The estimated reading time 1 minutes

Even on holiday admins have to monitor patches from system inside their environment. Today Microsoft Exchange Team released a new Exchange security update SU August 2022 (KB5015322).
This one is not a CU but “only” SU, which needs some attention.

see the official link Exchange Team blog.

See some information about CVEs:

As you can see there are some CVEs which are marked as “critical”, so you should patch them as soon as possible.
Let’s have a deeper look on CVE-2022-24477 .

If you spent some time reading FAQs you soon realize that there is increased risk.

Official Link to  SU KB5015322

Don’t waste time and patch your systems. But some CVEs you need to activate Windows Exetended Protection feature for IIS.

There is another “little” website where you can see the prerequisites for this little feature.
Additional Information EP

NOTE these are the known issues with EP

PublicFolders only works in special conditions

There are some compatibility issues with older Servers and older CUs

Hybrid Server with Modern Hybrid Configuration

SSL and TLS settings

If you are still sure to activate EP you can find the manual here

Please read the prerequisites carefully.

As always after updating, use the official Exchange HealthChecker script.

Good luck and if you liked this articel, please click on helpful.

Print Friendly, PDF & Email
Was this article helpful?
0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments