Exchange Server December 2025 Security Updates

Hi All,

Microsoft has released the Exchange Server Security Updates yesterday for these Exchange Server Versions:

• Exchange Server Subscription Edition (SE)
• Exchange Server 2019 CU14 and CU15 (to access, enroll into the ESU program)
• Exchange Server 2016 CU23 (to access, enroll into the ESU program)

Exchange Team Blog Article

• Released: December 2025 Exchange Server Security Updates

• Description of the security update for Microsoft Exchange Server Subscription Edition RTM: December 9, 2025 (KB5071876)

• ​​​​​​​​​​​​​​CVE-2025-64666 - Microsoft Exchange Server Elevation of Privilege Vulnerability

• CVE-2025-64667​​​​​​​ - Microsoft Exchange Server Spoofing Vulnerability​​​​​​​

Issues that are fixed in this update

• ​​​​​​​Skype for Business OWA integration fails after enabling the Dedicated Hybrid Application

Exchange Server Subscription Edition

In my case, i’ve downloaded the Security Update for Exchange Server Subscription Edition

• Security Update for Exchange Server SE RTM SU3 (KB5066366)

Check Pending Reboot

It’s best to check for Pending Reboot, before the installation.

Check for pending reboot with PowerShell

.\Check-PendingReboot.ps1

Installation

After the reboot, i started the *.exe File

Installation was successful

You have to Reboot after the Installation

Check Version

Check the Exchange Server Version

• Exchange Server build numbers and release dates

Get-Command Exsetup.exe | ForEach-Object {$_.FileVersionInfo}

Healthchecker

After Updating Exchange you should always run HealthChecker

Run HealthChecker to update Version

.\HealthChecker.ps1

Run HealthChecker and check the Warnings and Errors

.\HealthChecker.ps1

Regards
Andres Bohren