{"id":31917,"date":"2023-10-11T00:02:37","date_gmt":"2023-10-10T22:02:37","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=31917"},"modified":"2023-10-14T17:15:43","modified_gmt":"2023-10-14T15:15:43","slug":"exchange-server-security-updates-october-10-2023","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2023\/10\/11\/exchange-server-security-updates-october-10-2023\/","title":{"rendered":"Exchange Server Security Updates (October 10, 2023)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"margin: 0px 10px 0px 0px;\" title=\"Exchange Logo\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2022\/06\/Exchange.jpg\" alt=\"Exchange Logo\" width=\"152\" height=\"133\" align=\"left\" border=\"0\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/?p=286846\" target=\"_blank\" rel=\"noopener\">German<\/a>]Microsoft released security updates for Exchange Server 2016 and Exchange Server 2019 on October 10. These security updates close vulnerabilities in this software. The updates should be installed on the systems promptly to close the vulnerabilities in question.<!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg08.met.vgwort.de\/na\/b0b3e666c5204db2b3d4f727c69ea9af\" alt=\"\" width=\"1\" height=\"1\" \/>I came across the following <a href=\"https:\/\/twitter.com\/MSFTExchange\/status\/1711789350290346304\" target=\"_blank\" rel=\"noopener\">tweet<\/a> from the Exchange team regarding the security updates for Exchange Server 2016 and Exchange Server 2019.<\/p>\n<p><a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/released-october-2023-exchange-server-security-updates\/ba-p\/3950647\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"\" title=\"Exchange August 2023 Updates\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2023\/10\/8QUAPAt.png\" alt=\"Exchange Oktober 2023 Updates\" width=\"627\" height=\"536\" \/><\/a><\/p>\n<p>Microsoft has published the Techcommunity post <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/released-october-2023-exchange-server-security-updates\/ba-p\/3950647\" target=\"_blank\" rel=\"noopener\">Released: October 2023 Exchange Server Security Updates<\/a> with a description of the security updates. Security updates are available for the following Exchange Server CU versions.<\/p>\n<ul>\n<li>Exchange Server 2016 <a href=\"https:\/\/www.microsoft.com\/download\/details.aspx?familyID=4fae83a5-23d7-4495-aa07-1a69916a96d7\" target=\"_blank\" rel=\"noopener\">CU23<\/a><\/li>\n<li>Exchange Server 2019 <a href=\"https:\/\/www.microsoft.com\/download\/details.aspx?familyID=d4fedb8b-301b-452c-80a6-b5ea046b4c05\" target=\"_blank\" rel=\"noopener\">CU12<\/a> and <a href=\"https:\/\/www.microsoft.com\/download\/details.aspx?familyID=b06d4704-241a-48a1-9be8-a079804e2987\" target=\"_blank\" rel=\"noopener\">CU13<\/a><\/li>\n<\/ul>\n<p>SUs are <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/exchange-team-blog\/new-exchange-server-security-update-and-hotfix-packaging\/ba-p\/3301819\" target=\"_blank\" rel=\"noopener\">available<\/a> as self-extracting .exe packages and as original update packages (.msp files), and can be downloaded from the <a href=\"https:\/\/www.catalog.update.microsoft.com\/Home.aspx\" target=\"_blank\" rel=\"noopener\">Microsoft Update Catalog<\/a>.<\/p>\n<p>Microsoft writes in the Techcommunity post that the security updates address vulnerabilities reported to Microsoft by security partners and found through Microsoft's internal processes.<\/p>\n<p>During the release of the August 2023 SUs, Microsoft recommended using a manual or scripted fix and disabling the IIS token cache module to address CVE-2023-21709. With the October 2023 updates, the Windows team released the IIS fix for the root cause of this vulnerability in the form of the fix for CVE-2023-36434. Microsoft recommends installing the IIS fix and then re-enabling the token cache module on Exchange servers.<\/p>\n<p>Pay attention to Microsoft's notes on the update installation, and what else needs to be considered. No issues are known with this update.<\/p>\n<p>These vulnerabilities affect Exchange Server. Exchange Online customers are already protected from the vulnerabilities covered in these SUs and do not need to take any action other than updating all Exchange servers in their environment.<\/p>\n<p>See also\u00a0<a href=\"https:\/\/borncity.com\/win\/2023\/10\/14\/exchange-server-oct-2023-updates-fail-with-error-0x80070534\/\">Exchange Server Oct. 2023 updates fail with error 0x80070534<\/a><\/p>\n<p><strong>Similar articles:<br \/>\n<\/strong><a href=\"https:\/\/borncity.com\/win\/2023\/10\/10\/microsoft-security-update-summary-oktober-10-2023\/\" target=\"_blank\" rel=\"noopener\">Microsoft Security Update Summary (October 10, 2023)<\/a><a href=\"https:\/\/borncity.com\/win\/2023\/10\/10\/microsoft-security-update-summary-oktober-10-2023\/\" target=\"_blank\" rel=\"noopener\"><br \/>\n<\/a><a href=\"https:\/\/borncity.com\/win\/2023\/10\/11\/patchday-windows-10-updates-oktober-10-2023\/\">Patchday: Windows 10 Updates (October 10, 2023)<\/a><a href=\"https:\/\/borncity.com\/win\/2023\/10\/10\/microsoft-security-update-summary-oktober-10-2023\/\" target=\"_blank\" rel=\"noopener\"><br \/>\n<\/a><a href=\"https:\/\/borncity.com\/win\/2023\/10\/11\/patchday-windows-11-server-2022-updates-october-10-2023\/\">Patchday: Windows 11\/Server 2022 Updates (October 10, 2023)<\/a><a href=\"https:\/\/borncity.com\/win\/2023\/10\/10\/microsoft-security-update-summary-oktober-10-2023\/\" target=\"_blank\" rel=\"noopener\"><br \/>\n<\/a><a href=\"https:\/\/borncity.com\/win\/2023\/10\/12\/windows-7-server-2008-r2-server-2012-r2-updates-october-10-2023\/\">Windows 7\/Server 2008 R2; Server 2012 R2: Updates (October 10, 2023)<\/a><a href=\"https:\/\/borncity.com\/win\/2023\/10\/10\/microsoft-security-update-summary-oktober-10-2023\/\" target=\"_blank\" rel=\"noopener\"><br \/>\n<\/a><a href=\"https:\/\/borncity.com\/win\/2023\/10\/13\/microsoft-office-updates-october-10-2023\/\">Microsoft Office Updates (October 10, 2023)<\/a><\/p>\n<p><a href=\"https:\/\/borncity.com\/win\/?p=31917\">Exchange Server Security Updates (October 10, 2023)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Microsoft released security updates for Exchange Server 2016 and Exchange Server 2019 on October 10. These security updates close vulnerabilities in this software. The updates should be installed on the systems promptly to close the vulnerabilities in question.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547,22],"tags":[869,2820,2821,195],"class_list":["post-31917","post","type-post","status-publish","format-standard","hentry","category-security","category-software","category-update","tag-exchange","tag-patchday-10-2023","tag-secuirty","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/31917","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=31917"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/31917\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=31917"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=31917"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=31917"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}