Exchange Server September 2021 CU comes Sept. 28 with Microsoft Exchange Emergency Mitigation Service

Update[German]A brief article about Microsoft Exchange Server (On-Premises). The release of the Cumulative Update (CU) for Microsoft Exchange Server for September 2021 has been postponed to September 28, 2021. There are supposed to be some new features with the cumulative update. In addition, Microsoft has recently published a document on the update of Exchange Server on the Internet.


Updating Exchange Server to new CU

On September 13, 2021, Microsoft published the support article Upgrade Exchange to the latest Cumulative Update. Those who have Exchange Server 2016 or Exchange Server 2019 installed can upgrade those instances to the latest Exchange Server cumulative update (CU). Because each CU is a complete installation of Exchange and includes updates and changes from all previous CUs, you do not need to install any previous CUs, Exchange 2016 RTM, or Exchange 2019 RTM. For more information on the latest Exchange CU available, see Updates for Exchange Server. The support article linked above provides guidance on what to consider when installing a CU. 

Exchange Server CU September 2021 delayed

Normally, Microsoft releases cumulative updates (CUs) for Exchange Server on the third Tuesday of each month. That would have been Sept. 21, 2021. However, in this Techcommunity post, Microsoft informed 9/17/2021 that the September CU for Exchange Server will be delayed one week. The Cumulative Updates had been released on September 28, 2021.

Microsoft recommends administrators bring Exchange Server installations up to date. Once the September 2021 CUs are released, only the June 2021 and September 2021 CUs will be supported for Exchange Server security updates. Anyone running Exchange 2016 or Exchange 2019 who has not yet installed the June 2021 CU should do so now.

New feature for Exchange Server CU September 2021

Cyberattacks are becoming more frequent and sophisticated. Therefore, it is critical that on-premises Exchange servers are secure and up to date. Already with the June 2021 CUs, the Antimalware Scan Interface (AMSI) was introduced as a new feature – via which scan engines from antivirus vendors can be integrated. I had pointed out the associated problems in the blog post Exchange 2016/2019: Outlook problems due to AMSI integration.

With the September 2021 Cumulative Updates (CU) for Exchange Server, Microsoft goes one step further and introduces a Microsoft Exchange Emergency Mitigation Service as a new feature. The following tweet addresses this and refers to this Techcommunity article from September 24, 2021 with more details. 


Exchange Server CU September 2021

The Exchange Emergency Mitigation (EM) service is designed to protect Exchange servers against potential threats by applying remediation. The service uses the cloud-based Office Config Service (OCS) to search for and download available remediation actions and send diagnostic data to Microsoft.

The EM service will run as a Windows service on an Exchange mail server once the September 2021 CU (or later) is installed on Exchange Server 2016 or Exchange Server 2019. The EM service is automatically installed on Exchange servers with the Mailbox role. The EM service is not installed on Edge Transport servers. However, using the EM service is optional and this feature can be disabled. Details can be found in the Techcommunity post and this Microsoft support post.

Similar articles:
Security updates for Exchange Server (July 2021)
Cumulative Exchange CUs June 2021 released
Exchange Server Security Update KB5001779 (April 13, 2021)
Exchange isues with ECP/OWA search after installing security update (March 2021)
Exchange security updates from July 2021 breaks ECP and OWA
Exchange 2016/2019: Outlook problems due to AMSI integration
Wave of attacks, almost 2,000 Exchange servers hacked via ProxyShell
Exchange Server 2016-2019: Custom attributes in ECP no longer updatable after CU installation (July 2021)
Exchange Server: Authentication bypass with ProxyToken
Exchange vulnerabilities: Will we see Hafnium II?

Cookies helps to fund this blog: Cookie settings

This entry was posted in Software, Update, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *