Microsoft Releases June 2026 Security Updates for Exchange Server
Microsoft has released its June 2026 security updates for Exchange Server, delivering fixes for vulnerabilities affecting supported on-premises deployments. The updates are intended to address security issues identified in Exchange Server environments and should be applied as part of regular maintenance and security management practices. Microsoft encouraged administrators to review the release guidance and deploy the updates to help protect messaging infrastructure from potential threats.
The June 2026 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes as well as CVE-2026-42897. Part of the recommendation is that customers keep CVE-2026-42897 mitigation in place, however, installing the June 2026 update does not automatically remove already applied CVE-2026-42897 mitigations.
Exchange Server 2016 and 2019 are already out of support. Only customers who enrolled in the Period 2 Extended Security Update (ESU) program are eligible to receive Exchange Server 2016 and 2019 security updates released between May and October 2026. A number of update paths are available, outlined in detail here.
The release is part of Microsoft's ongoing security update program for Exchange Server, which remains widely used by organizations that maintain on-premises email and collaboration systems. The company noted that keeping servers current with security updates is an important component of a broader defense-in-depth strategy.
Posted by Redmondmag.com Editors on 06/11/2026