March 2023 Exchange Server Security Updates

Microsoft Exchange Servers security updates have been released for March 2023.

These updates are available for the following specific versions of Exchange Server:

Exchange Server 2013 CU23 SU21 (Microsoft Exchange Server 2013 will reach its end of support on April 11, 2023)
Exchange Server 2016 CU23 SU7
Exchange Server 2019 CU11 SU11 & CU12 SU7

The recommendation is to install these updates immediately to protect your environment.
In the scenario where you do a Cumulative Update(CU), you need to make security updates. Otherwise, remember that you have to do the Cumulative Update(CU) first and then the Security Update(SU).

Inventory your Exchange Servers to determine which updates –> “Exchange Server Health Checker
Choose your current CU and your target CU to get directions –>  “Exchange Update Wizard
If you encounter errors during or after installation of Exchange Server –> “Exchange Setup Assist

Note: Don't double-click the 'MSP file' to run it. Run Command Prompt (not Powershell) as an Administrator.

Issues resolved with this update:

  • EWS web application pool stops after the February 2023 Security Update is installed .
    ⇒If you have applied a workaround for this issue, you should roll it back after the March security update.
  • Exchange Server 2016 or 2019 who have non-default applications installed through ECP add-ins, the ECP add-ins page might be broken after the February 2023 Security Update is installed
    ⇒The issue is expected to be resolved with the March security update.
  • The Get-App and GetAppManifests applications fail and return an exception, “MSExchangeServicesAppPool” application pool to repeat in the same order after the February 2023 Security Update is installed .
    ⇒The issue has been resolved with the March security update.
  • Exchange Toolbox and Queue Viewer fails after Certificate Signing of PowerShell Serialization Payload is enabled after the Janurary 2023 or the February 2023 Security Update is installed.
    ⇒The issue has been resolved with the March security update for servers running the Mailbox Role, but this issue persists on other servers with management console installed.

Have a nice day!