Microsoft has announced the latest quarterly updated for Exchange Server 2016 and 2013, as well as an update rollup for Exchange 2010.
- Cumulative Update 8 for Exchange Server 2016 (download | UM language pack)
- Cumulative Update 19 for Exchange Server 2013 (download | UM language pack)
- Update Rollup 19 for Exchange Server 2010 (SP3) (download)
The Exchange 2016 and 2013 cumulative updates include the following changes and improvements:
- Applying a cumulative update to an existing Exchange server will no longer override the TLS and cryptography settings (i.e. won't override your customized configuration)
- Support for hybrid modern authentication, described as “spiffy” and best imagined in Greg Taylor's British accent
- Support for .NET Framework 4.7.1. Note that .NET FX 4.7.1 will be required for Exchange 2013/2016 releases from June 2018. 4.7.0 remains unsupported. Always refer to the Exchange supportability matrix to determine the supported combinations of Exchange and .NET FX. You can also run Exchange Analyzer to detect unsupported configurations in your environment.
The Exchange 2010 update contains a fix for Exchange 2010/2016 co-existence scenarios.
We have become aware of a condition which could allow proxied EWS calls to gain access to mailboxes on the 2010 server to which a user should not have access. This issue, tracked by KB4054456, is resolved in Service Pack 3 Update Rollup 19 for Exchange Server 2010. Customers who have deployed Exchange Server 2010 and 2016 together are encouraged to apply Update Rollup 19 with high priority.
A few days after the release of these updates, Microsoft posted a note to their blog post with the following information.
Microsoft has identified a condition where Free/Busy lookups from On-Premises to O365 in a hybrid configuration may fail. Please see KB4058297 for additional information and mechanisms to resolve this condition.