By Microsoft January 2023 Security Update It was published;
- Exchange Server 2013
- Exchange Server 2016
- Exchange Server 2019
With the changes made to Microsoft SU installation steps, SU packages are now available via the Update Catalog.
It is recommended that you perform a Health Check on your Exchange Server before and after the Exchange Server Update process.
SUs are available for the following specific versions of Exchange Server;
- Exchange Server 2013 CU23 (support and updates On April 11, 2023 remember that it will end))
- Exchange Server 2016 CU23
- Exchange Server 2019 CU11 and CU12
Microsoft has closed the security vulnerabilities reported to Microsoft with this update and provided additional adjustments. Even if there is no threat in your environment, you should make these updates urgently. (Note: Do not forget to test in your LAB environment first.)
Exchange Server Certificate Signing of PowerShell Serialization Payload
Certificate-based signing feature was added to PowerShell serialization payloads with the Exchange Server January 2023 update. This feature must be manually enabled in the first stage with the feature's dependencies requirement. Before doing this activation, you must add an authentication certificate for your environment.
Known Issues with Exchange Server January 2023 SU
Problems related to WATER;
Shared URLs in OWA are not rendering previews properly on the web page. Microsoft says it will fix the issue in the next update.
FAQ
When should we enable the new certificate signing feature of PowerShell serialization payload?
This feature should only be enabled after you have updated all your Exchange Servers to the January 2023 (or later) SU. Enabling the feature before all servers are updated may result in errors and bugs when managing your organization.
Why do we need to manually enable the new certificate signing? Why doesn't Microsoft automatically enable the feature?
Our goal is to enable certificate signing of the PowerShell serialization payload by default in a future update. This feature relies on a valid authentication certificate being present in the organization, so we wanted to give administrators a chance to verify their certificate before enabling a feature that depends on their certificate (certificate issues can lead to unexpected results and errors if the feature is enabled by default).
Our organization is in Hybrid mode with Exchange Online. Do we need to do anything?
Exchange Online is already protected, but this SU must be installed on your Exchange servers, even if they are used for administrative purposes only. If you change the authentication certificate after installing the January 2023 SU, you will need to run the Hybrid Configuration Wizard again.
Released: January 2023 Exchange Server Security Updates – Microsoft Community Hub
One comment on “Exchange Server January 2023 Security Update”