-
Title
SMA Patching - KB5000871 - March 2021 Exchange Server Security Updates ( Applicability) -
Description
Microsoft has released a set of out of band security updates for vulnerabilities for different versions of Exchange Server under patch KB5000871. Additional details about this can be found on the links below:
-
Cause
Security updates are available for the following specific versions of Exchange:
- Exchange Server 2013 (update requires CU 23)
- Exchange Server 2016 (update requires CU 19 or CU 18)
- Exchange Server 2019 (update requires CU 8 or CU 7)
-
Resolution
First thing to keep in mind is that patch KB5000871 is not a full CU upgrade for Microsoft Exchange Server version but a Security Update for the CU.
For example: If the device is running Microsoft Exchange Server 2016 CU11, it will not be applicable to KB5000871 as the patch is only made for Microsoft Exchange Server 2016 CU18 and C19. The course of action in this case would be to upgrade to CU18 or CU19 so KB5000871 can be applicable and then patched.
- A successful detection of the patch will look as follows:
- A successful deployment of the patch will look as follows:
For guidance on Requirements and Requisites for Upgrading Exchange Server CU version please review the following Microsoft documentation:
Exchange Server system requirements
How to validate Devices running Microsoft Exchange Server have correct CU?
During inventory cycle the agent collects multiple information via WMI, including software installed on the device, a Device running Microsoft Exchange Server will report the CU version as shown in the image below, this information is stored in the Device Inventory record ( Inventory | Devices | Device Detail: Software - Installed Programs )
Clicking the Software Title ( Microsoft Exchange Server 2016 Cumulative Update 19 ) will take you to the software record and it will show at the bottom all devices detected with the software.
For additional assistance please contact Kace Support