In May, Microsoft released a cumulative update for Exchange 2019. Once you get the H1 2023 cumulative update, be sure to grab the security updates released in June.
While Exchange 2016 did not receive a cumulative update, it did get a June security update, so be sure to install it.
Exchange 2013 did not get any updates as it is officially out of support. If you are on Exchange 2013, you should upgrade to Exchange 2019 or migrate to Exchange Online. No future security updates are planned for Exchange 2013.
If you need guidance on migrating from a specific CU to the latest, check out Microsoft’s Exchange Update Wizard for step-by-step instructions.
The updates are as follows:
Exchange 2019:
Cumulative Update 13 (KB5020999) | June 2023 Security Update (for CU13)
Exchange 2016:
No new cumulative update | June 2023 Security Update (for CU23)
Exchange 2013 is out of extended support
Exchange 2013 exited extended support on April 11th, 2023. This means that there are no more security patches or technical support for these products. Any security patches after April 11th, 2023, are at Microsoft’s discretion. At the time of writing, the last update for Exchange 2013, is the March 14th, 2023 security update.
Due to the lack of security patches, it is imperative to upgrade these products to either Exchange 2019 or Exchange Online as soon as possible. For more information on how to migrate to Exchange 2019 or Exchange Online, check out Microsoft’s deployment guides here.
Modern Authentication
Cumulative Update 13 adds native OAuth2.0 support to Exchange 2019. Previously if you wanted to leverage modern authentication with Exchange 2019, you had to establish hybrid connectivity with Exchange Online and implement Hybrid Modern Authentication.
This update removes that requirement allowing you to implement modern auth with entirely on-premises technologies. To implement native modern auth in Exchange 2019, you will need to meet the following requirements:
- Exchange 2019 CU13 or later
- Active Directory Federation Services 2019 (ADFS 2019) or later
- Outlook for Windows (Version 2304 – Build 16327.20214) running on Windows 11 (Version 22H2 with KB5023706 installed)
- Outlook on the Web
Note: Modern auth support for Outlook for Mac, Outlook Mobile, and native mail apps will be added in a later update. At the time of writing, these clients will continue to use basic auth to connect to Exchange 2019.
Enabling modern auth, either through native modern authentication or hybrid modern authentication, greatly increases the security posture of Exchange on-premises. With native modern auth, organizations leveraging Exchange on-prem can utilize ADFS as their identity provider. This allows for multi-factor authentication, smart card authentication, certificate-based authentication, and integration with third-party authentication providers.
For more information on deploying native modern authentication for Exchange 2019, check this article.
[Read more…] about Exchange H1 2023 Cumulative Updates