KB5019758 is the latest security update for Exchange Servers. These security updates were released on 8th November 2022. This security update comes after KB5019076 and KB5019077 security updates were released on 11th October 2022. We look at some fundamental aspects of Exchange Servers’ security updates below.
KB5019758 – Important points about Exchange Servers security update
- KB5019758 is November month’s security update. This is a standalone update. All the previous updates should have been deployed on Exchange Servers for complete security coverage.
- KB5019758 is available for Exchange Servers 2019 (Cumulative Updates 11 and 12), Exchange Server 2016 (Cumulative Updates 22 and 23), and Exchange Server 2013 (Cumulative Update 23).
- KB5019758 resolves 6 vulnerabilities that have been disclosed in Microsoft’s November security bulletin. Details of these vulnerabilities are shared below in brief.
Installing KB5019758 on Exchange Servers
KB5019758 can be applied automatically through the Windows Update program on the Exchange Servers.
You can also install KB5019758 manually. For manual deployments, you can use the Microsoft Update Catalog or the installer files from the Microsoft Download Center. We share the direct download links of the offline installer files for Exchange Servers below.
Download MSU update files
The MSU update files are offline installer files that can be downloaded from the Microsoft Update Catalog page for KB5019758. The direct download links for these installer files are shared below.
| Exchange Server version | Download update | Update size |
|---|---|---|
| Exchange Server 2019 Cumulative Update 12 | Download KB5019758 | 153.9 MB |
| Exchange Server 2019 Cumulative Update 11 | Download KB5019758 | 153.7 MB |
| Exchange Server 2016 Cumulative Update 23 | Download KB5019758 | 150.5 MB |
| Exchange Server 2016 Cumulative Update 22 | Download KB5019758 | 150.3 MB |
| Exchange Server 2013 Cumulative Update 23 | Download KB5019758 | 83 MB |
Download KB5019758 as an executable file
The following direct download links can be used to download executable files for Exchange Server KB5019758. These updates will be downloaded from the Microsoft Download Center.
| Exchange Server version | Download update |
|---|---|
| Exchange Server 2019 Cumulative Update 12 | Download KB5019758 |
| Exchange Server 2019 Cumulative Update 11 | Download KB5019758 |
| Exchange Server 2016 Cumulative Update 23 | Download KB5019758 |
| Exchange Server 2016 Cumulative Update 22 | Download KB5019758 |
| Exchange Server 2013 Cumulative Update 23 | Download KB5019758 |
Supported operating systems for KB5019758 Exchange Server security update
We look at the operating systems that are supported by KB5019758 security updates for Exchange Servers
| Exchange Server version | Supported operating systems |
|---|---|
| Exchange Server 2019 Cumulative Update 12 | Windows Server 2019 |
| Exchange Server 2019 Cumulative Update 11 | Windows Server 2019 |
| Exchange Server 2016 Cumulative Update 23 | Windows Server 2016, Windows 10, Windows Server 2012 R2, Windows Server 2012, Windows 8.1 |
| Exchange Server 2016 Cumulative Update 22 | Windows Server 2016, Windows 10, Windows Server 2012 R2, Windows Server 2012, Windows 8.1 |
| Exchange Server 2013 Cumulative Update 23 | Windows Server 2012 R2, Windows Server 2008 R2, Windows Server 2012 |
Security vulnerabilities on Exchange Servers – KB5019758
KB5019758 was released to mitigate the following threats:
| Vulnerability | Severity | CVSS score | Impact |
|---|---|---|---|
| CVE-2022-41040 | CRITICAL | 8.8 | Elevation of Privilege |
| CVE-2022-41082 | CRITICAL | 8 | Remote Code Execution |
| CVE-2022-41078 | CRITICAL | 8 | Spoofing vulnerability |
| CVE-2022-41123 | CRITICAL | 7.8 | Elevation of Privilege |
| CVE-2022-41080 | CRITICAL | 8.8 | Elevation of Privilege |
| CVE-2022-41079 | CRITICAL | 8 | Elevation of Privilege |
Rajesh Dhawan is a technology professional who loves to blog about smart wearables, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.