Exchange 2019 CU2

Cumulative Update 2 for Exchange 2019 is now available. It contains 1 new documented security updates and 16 additional documented new fixes or improvements, as well as all previously released fixes and security updates for Exchange 2019 and the latest DST updates.

Notable improvements, changes and fixes are;

  • Decreasing Exchange Rights in the Active Directory
    There is now a Deny ACE on the DNS Admins group and the ability for Exchange to assign Service Principal Names (SPN’s) has been removed.
  • Support for .NET Framework 4.8
    The minimum .NET requirement remains 4.7.2 and .NET 4.8 will required with the December 2019 update.
  • Controlled Connections to Public Folders in Outlook
    Admins have control over which users will see public folders in their Outlook clients.
  • Authentication Policies Update
    You can define a default authentication policy at Organization level to disable legacy authentication protocols.
  • KB4503027 which discusses ADV190018: Microsoft Exchange Server Defense in Depth Update. This update was released separately for CU1 as well.
  • KB4488396: Can’t search any results in manually added shared mailbox in Outlook in Exchange Server 2016
  • KB4502131: “TLS negotiation failed with error UnknownCredentials” error after updating TLSCertificateName on Office 365 send connector in Exchange Server 2019 hybrid environment.

Additionally, the Exchange Team announced that they will not make any investments into support of Modern Authentication in on-premises Exchange without a hybrid deployment.

This release includes no new updates to the Active Directory Schema.
The next planned quarterly update is in September 2019.

Download: Cumulative Update 2 for Exchange Server 2019 (KB4488401) (from MVLC)
View: Description of Cumulative Update 2 for Exchange Server 2019
View: Blog post of the Exchange Team about CU2 for Exchange Server 2019