Microsoft, Exchange Released Security Updates (SUs) for vulnerabilities found in certain versions of Server. These updates include Exchange Server Valid for 2019 and Exchange Server 2016, and available for these specific editions:
This November 2023 SU addresses vulnerabilities that were responsibly reported by Microsoft's security partners and found through Microsoft's internal processes.
These vulnerabilities impact Exchange Server. Exchange Online customers are already protected from the vulnerabilities addressed by this SU and must take action to update the Exchange servers or Exchange Management Tools servers in their environment.
With the Exchange Server November Update, PowerShell Serialization is enabled by default.
Exchange Server Certificate Signing of PowerShell Serialization Payload Enablement – Cengiz YILMAZ | Sys Blog
Exchange Server November 2023 Security Update Powershell Serialization is enabled by default. Powershell Serialization was a feature released with the Exchange Server January 2023 update. It will now be enabled by default with the November 2023 Security Update.
Note: There are some points you need to pay attention to before the Exchange Server November 2023 Security Update process.
- You need to check if the Exchange Auth Certificate is enabled.
- Created by Microsoft for quick checking process MonitorExchangeAuthCertificate You can use the script.
If the Powershell output when you run the MonitorExchangeAuthCertificate script is as shown in the image below, you can perform the update without any problems.
Known Issues in Exchange Server November 2023 Security Update
Certain redirected cmdlets (for example, Get-MailboxDatabase | Get-Mailbox) fail only on Management Tools servers.
