CVE-2023-21529

Pham Tien Dung 0 Reputation points
2023-03-14T09:25:01.73+00:00

Currently we are using exchange 2016 cu20 system, but there is a warning CVE-2023-21529 issued on February 14, according to the recommendation from microsoft we have upgraded exchange 2016 cu20 so exchange 2016 cu23 and install patch KB5023038. i have done run on root AD Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF /PrepareSchema Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF /PrepareAD Setup.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataOFF /PrepareAllDomains However, when installing exchange 2016 cu23 on the exchange server, it reported an error Microsoft Exchange has stopped working

Exchange Server
Exchange Server
A family of Microsoft client/server messaging and collaboration software.
1,071 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
7,339 questions
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. Jame Xu-MSFT 4,166 Reputation points
    2023-03-15T02:19:43.72+00:00

    Hi @Pham Tien Dung ,

    What is the error report? Are you having problems updating from CU20 to CU23? You need to update to Cumulative Update 23 for Exchange Server 2016 (KB5011155) first: https://www.microsoft.com/en-us/download/details.aspx?id=104132

    Then install the latest SU (SU update is cumulative and will include previous patches): https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-14-2023-kb5024296-e13b0369-2102-4c95-bee2-456514630727


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". 

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. Pham Tien Dung 0 Reputation points
    2023-03-15T03:06:55.35+00:00

    Hi @Jame Xu-MSFT

    I installed ExchangeServer2016-x64-CU23.ISO update to Cumulative Update 23 for Exchange Server 2016 but got error

    User's image

    User's image


  3. Jame Xu-MSFT 4,166 Reputation points
    2023-03-30T07:53:56.4+00:00

    Hi @Pham Tien Dung ,

    Thanks for your feedback above which shared more information and glad to know that your issue is resolved now! Since our forum has the policy that The question author cannot accept their own answer. They can only accept answers by others, and according to the scenario introduced here: Answering your own questions on Microsoft Q&A

    I would make a brief summary of this post so that other forum members could easily find useful information here:

    ***[***CVE-2023-21529 - Summary]

    Issue Symptom:
    When installing exchange 2016 cu23 on the exchange server, it reported an error Microsoft Exchange has stopped working

    Solution:
    It turned out to be Trellix/McAfee's EDR piece. Once that was uninstalled, the error went away.

    You could "Accept Answer" for this summary to close this thread, and your action would be helpful to other users who encounter the same issue and read this thread. Thanks for your understanding!


    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  4. Pham Tien Dung 20 Reputation points
    2023-04-26T09:08:17.55+00:00

    I solved the problem, thanks all

    0 comments No comments