It’s again Patchday and Microsoft has released Security Updates for Exchange 2016 and 2019.
- Exchange Team Blog Released: October 2023 Exchange Server Security Updates
- Security Update For Exchange Server 2019 CU12 SU10 (KB5030877)
- Security Update For Exchange Server 2019 CU13 SU3 (KB5030877)
- Security Update For Exchange Server 2016 CU23 SU10 (KB5030877)
The Token Cache will be fixed with the OS Updates for IIS.
Today, Windows team has released the IIS fix for root cause of this vulnerability, in the form of fix for CVE-2023-36434. We recommend installing the IIS fix after which you can re-enable Token Cache module on your Exchange servers.
I’ve downloaded the - Security Update For Exchange Server 2016 CU23 SU10 (KB5030877)
Run the Setup after downloading
After sucessfull installation you have to reboot the Server
Now let’s run the HealthChecker
After the Update, let’s run it again
We have two Warnings:
- Extended Protection for OAB - (Current settings on Extended Protection causes Outlook for Mac to fail to download the OAB) there is an updated Script available.
- TokenCacheModule - Can be reenabled after the OS Patches have fixed the IIS
Now it’s time to install the OS Patches for October 2023 and reboot the Server once again.
Now we can Reenable the TokenCacheModule
New-WebGlobalModule -Name "TokenCacheModule" -Image "%windir%\System32\inetsrv\cachtokn.dll"
I had to rerun the ExchangeExtendedProtectionManagement
Now let’s run the HealthChecker again.
All is now in perfect shape. Happy updating.