Microsoft has released a new security update for all currently supported Exchange Server versions. What exactly the problem is with the Exchange Server versions has not been published. The description of the security advisory only states:
Microsoft has released an update for Microsoft Exchange Server that provides enhanced security as a defense in depth measure.
Source: ADV190018 | Microsoft Exchange Server Defense in Depth Update
A severity level was also not specified. The update for the respective Exchange Server version can be downloaded directly here:
- Security Update For Exchange Server 2019 CU1 (KB4503027)
- Security Update For Exchange Server 2019 (KB4503027)
- Security Update For Exchange Server 2016 CU12 (KB4503027)
- Security Update For Exchange Server 2016 CU11 (KB4503027)
- Cumulative Update 22 for Exchange Server 2013 (KB4503028)
- Exchange 2010 SP3 RU28 (KB4503028)
As no further information on the update is available, it is not possible to assess whether it is necessary to install the update promptly. The new CUs for Exchange 2019, 2016 and 2013 should also not be long in coming.
