Exchange Updates – June 2019

Today, the Exchange Team released the quarterly Cumulative Updates for Exchange Server 2019, Exchange 2016 and Exchange 2013.

The KB articles that describe the fixes in each release, and product downloads are available as follows:

VersionBuildKBDownloadUMLPSchema
Exchange 2019 CU215.2.397.3KB4488401 VLSCN
Exchange 2016 CU1315.1.1779.2KB4488406 DownloadUMLPN
Exchange 2013 CU2315.0.1497.2KB4489622 DownloadUMLPN

These updates contain the following important changes and notes (more information in the original article):

  • Reduced required permissions of Exchange in Active Directory.
  • Introduction of support for .NET Framework 4.8, with 4.7.2 becoming the minimum required version.
  • Introduction of Organization-level Authentication Policies.
  • Upcoming support for Modern Authentication for Exchange Hybrid deployments.
  • Controlled Public Folder visibility for Exchange 2019 & 2016.

Exchange 2019 CU2 fixes:

  • 4502134 Can’t get all the emails when searching mailbox by using an end date that’s different from today in Exchange Server 2019
  • 4502135 Correct the error message that you receive when installing Exchange Server 2019 in an organization that has Exchange Server 2010 installed
  • 4502154 Providing information to administrators when auto forward limit is reached in Exchange Server 2019 and 2016
  • 4502155 “The primary SMTP address must be specified when referencing a mailbox” error when you use impersonation in Exchange Server 2019 and 2016
  • 4502156 Audit logs aren’t updated when “-WhatIf” is used as $false in the command in Exchange Server 2019 and 2016
  • 4502157 The Find command not returning the HasAttachments element in Exchange Server 2019 and 2016
  • 4502158 SyncFolderItems contains duplicated ReadFlagChange items in Exchange Server 2019 and 2016
  • 4502131 “TLS negotiation failed with error UnknownCredentials” error after you update TLSCertificateName on Office 365 send connector in Exchange Server 2019 hybrid environment
  • 4502132 Can’t reply to old emails after migration even though old legacyExchangeDN is set to migrated mailbox in Exchange Server 2019 and 2016
  • 4502136 The response of FETCH (BODYSTRUCTURE) command of IMAP violates RFC 3501 in Exchange Server 2019 and 2016
  • 4502140 Can’t preview an eDiscovery search when there are multiple domains in Exchange Server 2019 and 2016
  • 4502141 Appointment that’s created by responding to an email message doesn’t show in any Outlook calendar views in Exchange Server 2019 and Exchange Server 2016
  • 4502133 Can’t use Outlook on the web to reply a partner email through mutual TLS in Exchange Server 2019 and 2016
  • 4488396 Can’t search any results in manually added shared mailbox in Outlook in Exchange Server 2019 and 2016
  • 4488078 Public folder contact lists don’t show contact’s profile picture in Outlook on the web in Exchange Server 2019 and 2016
  • 4499503 Heavy organizational forms traffic because of materialized restriction when organization forms library has more than 500 items in Exchange Server 2019 and 2016
  • 4503027 Description of the security update for Microsoft Exchange Server 2019 and 2016: June 11, 2019

Exchange 2016 CU13 fixes:

  • 4502154 Providing information to administrators when auto forward limit is reached in Exchange Server 2016
  • 4502155 “The primary SMTP address must be specified when referencing a mailbox” error when using impersonation in Exchange Server 2016
  • 4502156 Audit logs aren’t updated when “-WhatIf” is used as $false in the command in Exchange Server 2016
  • 4502157 The Find command not returning the HasAttachments element in Exchange Server 2016
  • 4502158 SyncFolderItems contains duplicated ReadFlagChange items in Exchange Server 2016
  • 4502131 “TLS negotiation failed with error UnknownCredentials” error after updating TLSCertificateName on Office 365 send connector in Exchange Server 2016 hybrid environment
  • 4502132 Can’t reply to old emails after migration even though old legacyExchangeDN is set to migrated mailbox in Exchange Server 2016
  • 4502136 The response of FETCH (BODYSTRUCTURE) command of IMAP violates RFC 3501 in Exchange Server 2016
  • 4502140 Can’t preview an eDiscovery search when there are multiple domains in Exchange Server 2016
  • 4502141 Appointment that’s created by responding to an email message doesn’t show in any of Outlook calendar views in Exchange Server 2016
  • 4502133 Can’t use Outlook on the web to reply a partner email through mutual TLS in Exchange Server 2016
  • 4488396 Can’t search any results in manually added shared mailbox in Outlook in Exchange Server 2016
  • 4488078 Public folder contact lists don’t show contact’s profile picture in Outlook on the web in Exchange Server 2016
  • 4499503 Heavy organizational forms traffic due to materialized restriction when organization forms library has more than 500 items in Exchange Server 2016
  • 4503027 Description of the security update for Microsoft Exchange Server 2019 and 2016: June 11, 2019

Exchange 2013 CU23 fixes:

  • 4502131 “TLS negotiation failed with error UnknownCredentials” error after updating TLSCertificateName on Office 365 send connector in Exchange Server 2013 hybrid environment
  • 4503028 Description of the security update for Microsoft Exchange Server 2013 and 2010: June 11, 2019

Notes:

  • These Cumulative Updates do not contain schema changes compared to their previous Cumulative Update. However, due to changes in the permissions architecture, you need to run setup /PrepareAD to implement these changes as well as apply any RBAC changes, before deploying or updating Exchange servers.
  • When upgrading from an n-2 or earlier version of Exchange, or an early version of the .NET Framework, consult Upgrade Paths for CU’s & .NET.
  • Don’t forget to put the Exchange server in maintenance mode prior to updating. Regardless, setup will put the server in server-wide offline mode post-analysis, before making actual changes.
  • When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are required to delay installing at most one version (n-1).
  • If you want to speed up the update process for systems without internet access, you can follow the procedure described here to disable publisher’s certificate revocation checking.
  • Cumulative Updates can be installed directly; no need to install RTM prior to installing Cumulative Updates.
  • Once installed, you can’t uninstall a Cumulative Update nor any of the installed Exchange server roles.
  • The order of installation shouldn’t matter with the “every server is an island” concept, yet recommended is to upgrade internet-facing, non-internet-facing servers first, followed by Edge Transports.

Caution:

As for any update, I recommend to thoroughly test updates in a test environment prior to implementing them in production. When you lack such facilities, hold out a few days and monitor the comments on the original publication or forums for any issues.

This entry was posted in Misc by Michel de Rooij. Bookmark the permalink.

About Michel de Rooij

Michel is a Microsoft Office Apps and Services MVP, with focus on Exchange Server, Office 365 and a PowerShell affection. He is a consultant, publisher of EighTwOne, published author, and speaker. You can find Michel on Twitter, LinkedIn, Facebook or Google+.

2 thoughts on “Exchange Updates – June 2019

  1. Hi Michel, can I just confirm this statement:
    When using Exchange hybrid deployments or Exchange Online Archiving (EOA), you are required to delay installing at most one version (n-1).

    looking the Exchange Blog post for the June 2019 updates (https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Released-June-2019-Quarterly-Exchange-Updates/ba-p/698398)

    It states the following:

    Reminder: Customers in hybrid deployments where Exchange is deployed on-premises and in the cloud, or who are using Exchange Online Archiving (EOA) with their on-premises Exchange deployment are required to deploy the currently supported cumulative update for the product version in use, e.g., 2013 Cumulative Update 23; 2016 Cumulative Update 13 or 12; 2019 Cumulative Update 2 or 1.

    Which statement is correct?

    My org runs Hybrid Exchange (all mailboxes are in O365) currently on Exchange 2013 CU20.

    Do we go with 22 or 23? we want to ensure we are in a supported state.

    Thanks

    Ridley

    • Not to worry, I have re-read and confirmed CU23 is supported in a Hybrid environment. The problem is if two CU’s out from the latest. This isn’t a supported state.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s