Exchange 2013 sp1 build 847.32 Zero-Day vulnerability patch fix

Question

Is there a Zero-Day security patch for MS Exchange 2013 SP1 version 15.0 Build 847.32

Answer 1

No, you must update to CU23 ASAP and then apply the patch

Go straight to CU23:

https://learn.microsoft.com/en-us/exchange/plan-and-deploy/prepare-ad-and-domains?view=exchserver-2013

Run each step separately first to prep the AD Forest:
Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareSchema
Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareAD
Setup.exe /IAcceptExchangeServerLicenseTerms /PrepareAllDomains

Then install .net 4.8 on the server

https://learn.microsoft.com/en-us/exchange/plan-and-deploy/supportability-matrix?view=exchserver-2019#exchange-2013

then install CU23 FROM AN ELEVATED PROMPT

https://support.microsoft.com/en-us/topic/cumulative-update-23-for-exchange-server-2013-d3664482-52d4-b36b-6426-0485271070b5

then install the security patch FROM AN ELEVATED PROMPT:

https://www.microsoft.com/en-us/download/details.aspx?id=102775

Answer 2

Hi,
The available CUs for the patch is listed here:

Exchange 2013 SP1 is an old version, you'd better plan an upgrade or migration to Exchange 2016/2019.

---

If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.