The estimated reading time 1 minutes
Some days ago Microsoft released the October SU for Exchange 2016 and 2019. Installing this update is the same setup routine as known from previous updates before.
See the original Exchange Team Blog post.
Of course here are the downloadlinks for manual downloads.
This is the official update instruction:
Updating to SU october Microsoft treates also CVE-2023-21709, those admins who did not execute workaround august 2023 can stop reading at this point. Those who did need to revert this change after installing SU and Windows Updates KB5031356 .
Some additional information about CVE 2023-36434 wich was fixed also.
After installing everything and rebooting you are now able to revert the workaround. If you don’t do this Exchange HealthChecker is prompting yellow warning like this.
Reverting this workaround can be done in two ways. If you want to treat only one Exchange Server in your environment you can do it with this command:
New-WebGlobalModule -Name "TokenCacheModule" -Image "%windir%\System32\inetsrv\cachtokn.dll"
Else if you want to treat all your Exchange Server, you can use the Rollback Option from CVE-2023-21709.
Have fun and good luck. If you like this article please click on helpful.