9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.02 Low
EPSS
Percentile
88.7%
NoticeWe have re-released the Exchange Server 2019 and 2016 August 8, 2023, security update (SU) to address the localization issue that caused installations on non-English operating systems (OS) to fail. You can find the re-released version of the SU here: <https://support.microsoft.com/help/5030524>The SU will also soon be available through Microsoft Update / Windows Update. For more information about the re-release, see this Exchange Team Blog article.
This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE)
**Note:**Please follow the instructions in the Microsoft Security Response Center (MSRC) article to address the vulnerability.
To enable Extended Protection on Exchange-based servers, see Extended Protection enabled in Exchange Server (KB5017260).
This update is superseded by version 2 of the security update for Microsoft Exchange Server 2019 and 2016. For more information, see the βKnown issues in this updateβ section in this article.
For deployment information about this update, see Deployments - Security Update Guide.
This security update replaces the following previously released updates:
Update Name | File name | SHA256 hash | |
---|---|---|---|
Exchange Server 2019 Cumulative Update 13 SU2 | Exchange2019-KB5029388-x64-en.exe | AB47764A566A5555474BFF3AB3FDE03DC47C5E31B35B6BA196E25D9FBBD7DA48 | |
Exchange Server 2019 Cumulative Update 12 SU9 | Exchange2019-KB5029388-x64-en.exe | 5539D00A4721AFF37AD804AA899B267D0F480039015745C15265D998D0338B18 | |
Exchange Server 2016 Cumulative Update 23 SU9 | Exchange2016-KB5029388-x64-en.exe | 622C0D5441E1484A5FD5BE7438689E1D7722542A4B93ECF1A108214A9346C678 |
The hash tables for additional languages are available here:
Protect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.02 Low
EPSS
Percentile
88.7%