Exchange must have the most current, approved Cumulative Update installed.
An XCCDF Rule
Description
<VulnDiscussion>Failure to install the most current Exchange Cumulative Update (CU) leaves a system vulnerable to exploitation. Current CUs correct known security and system vulnerabilities.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-259711r961683_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Consult the EDSP for the accepted update process within the organization.
Install the most current, approved CU. Microsoft recommends as a best practice to always install the latest CU when creating a new server. Existing servers keep as up-to-date as possible and backup any customizations. Follow any additional recommendations by going to the following website:
https://learn.microsoft.com/en-us/Exchange/plan-and-deploy/install-cumulative-updates?view=exchserver-2019
All Exchange 2019 updates can be found on the Microsoft Exchange update site: