Microsoft Exchange Servers to the latest Cumulative Updates is highly critical. It helps keep your on-premises Exchange Servers ready for the next emergency security updates released by Microsoft to patch vulnerabilities.
If your server is not running a supported Cumulative Update, it is ineligible for the security updates and remains vulnerable to malicious attacks. With increasing attacks on on-premises Exchange Servers, it’s now more important than ever to keep your servers updated to the latest Cumulative and Security updates.
Microsoft released the Cumulative Update 23 (CU23) for Exchange Server 2013 on May 3, 2021. The latest Cumulative Update 23 contains all security updates released before May 2021 and is eligible to receive newer security updates and patches.
Thus, if your organization is running an older Exchange Server 2013 CU, it is highly recommended to update to CU23 to continue receiving the latest hotfixes and stay protected against malicious attacks.
In this post, you will learn the step-by-step process to upgrade Exchange Server 2013 to Cumulative Update 23 and install the latest Security Updates.
Steps to Install Exchange Server 2013 CU23
Follow these steps to install CU23 for Exchange Server 2013.
Caution: Backup Exchange customizations, such as IIS settings, custom registry entries, and Outlook on the web (OWA) customizations (if any) as installing CU may overwrite or remove them.
Step 1: Download the Exchange Server 2013 CU23 Build
Download the Exchange Server 2013 CU23 update released on May 3, 2021. You can also visit the Exchange Server build number and release dates page to download the latest CU and install it.
Make sure to choose your language before downloading the CU.
Step 2: Update Active Directory and Schema
Use /PrepareAD to update and prepare the Active Directory forest on your Exchange Server 2013 for CU23. It is also recommended that you extend schema by using the /PrepareSchema if the system is a member of the same Active Directory.
The steps are as follows:
- Open Command Prompt as administrator and then navigate to the location where the Exchange2013-x64-cu23.exe file is downloaded.
- Then execute the following commands to prepare AD and extend Schema:
.\Exchange2013-x64-cu23.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /PrepareSchema
.\Exchange2013-x64-cu23.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /PrepareAD /OrganizationName:"<Organization name>"
Once done, move to the next step.
Step 3: Put the Exchange Server in Maintenance Mode
To apply CU23 on your Exchange Server 2013, you must put the server in maintenance mode. The detailed steps are as follows:
- You need to put the HubTransport service to draining state. For this, open Exchange Management Shell (EMS) and then execute the following command:
Set-ServerComponentState -Identity “ExchangeServerName” -Component HubTransport -State Draining -Requester Maintenance
- Now execute the following command to put the Exchange Server 2013 to maintenance mode.
Set-ServerComponentState "ExchangeServerName" -Component ServerWideOffline -State Inactive -Requester Maintenance
- You can execute the following command in the EMS to verify if the Exchange Server 2013 is successfully switched to the maintenance mode.
Get-ServerComponentState -Identity "ExchangeServerName”
Step 4: Install .Net Framework
Exchange Server 2013 CU23 requires .NET Framework 4.8. To install the .NET framework, disable all Exchange 2013 services that are currently running.
Then right-click on the .NET framework.exe file and choose Run as administrator.
Once installed, re-enable the services you stooped but do not start them.
You can now reboot the server.
Step 5: Upgrade Exchange Server 2013 to CU23
To upgrade Exchange Server 2013 RTM or later edition to CU23, right-click on the Exchange2013-x64-cu23.exe file and choose Run as administrator.
Then follow the wizard to install the CU23 update.
You may also run the Setup.exe in unattended mode to install CU23 on Exchange Server 2013 using an elevated Command Prompt.
.\Exchange2013-x64-cu23.exe /IAcceptExchangeServerLicenseTerms_DiagnosticDataON /m:upgrade
After the CU23 update is applied, restart the server and reimport your saved customizations.
Step 6: Switch Off the Maintenance Mode
After the successful upgrade to Exchange Server 2013 CU23, you can switch off the maintenance mode by using the following commands:
Set-ServerComponentState “ExchangeServerName” –Component ServerWideOffline –State Active –Requester Maintenance
Set-ServerComponentState “ExchangeServerName” –Component HubTransport –State Active –Requester Maintenance
Execute the following command to verify that the server is not in maintenance mode.
Get-ServerComponentState –Identity “ExchangeServerName”
If the output displays ‘Active‘ Component status, it’s out of the maintenance mode. However, if any component is still inactive, you can activate it using the following command:
Set-ServerComponentState “ExchangeServerName” –Component “ComponentName” –State Active –Requester Maintenance
Once done, reboot the Exchange Server 2013.
Step 7: Install Latest Security Updates
Finally, you can install the latest Security Updates released by Microsoft for Exchange Server 2013 CU23 and patch the vulnerabilities.
The latest Security Update available at the time of writing this blog was released in January 2022. First, download the Security Update (KB5008631) for Exchange Server 2013 CU23 and then follow these steps to install it.
- Open the elevated Command Prompt window and navigate to the location where Security Update is downloaded or located using the cd command.
cd C:\Users\Administrator\Downloads\
- Then execute the following command to apply the Security Updates:
.\UpdateFileName.msp
For instance,
.\Exchange2013- KB5008631-x64-en.msp
- Click ‘Open‘ and then follow the wizard to apply the Security Updates.
You must restart the Exchange Server after applying the Security Updates.
Step 8: Verify Exchange Server 2013 CU23
To check if the Exchange Server is successfully upgraded to CU23, open EMS and execute the following command to check the Exchange Server 2019 build number. If it shows Version 15.0 (Build 15.00), it means the server is successfully updated to CU23.
Get-ExchangeServer | fl Name,Edition,AdminDisplayVersion
To check if the January 2022 Security Update is applied, open Control Panel, go to Programs > Programs and Features, and click View installed updates.
No comments:
Post a Comment