My organization is in Hybrid mode with Exchange Online. This release addresses an earlier known issue with Outlook Web App hybrid redirect after installation of November 2021 security updates. We are not aware of any known issues with this release. If something does not work properly after updates, see Repair failed installations of Exchange Cumulative and Security updates. If you encounter errors during installation, see the SetupAssist script. If you encounter errors during or after installation of Exchange Server updates Go to and choose your currently running CU and your target CU to get directions for your environment. Running this script will tell you if any of your Exchange Servers are behind on updates (CUs and SUs). Use the Exchange Server Health Checker script (use the latest release) to inventory your servers. Inventory your Exchange Servers / determine which updates are needed More details about specific CVEs can be found in Security Update Guide (filter on Exchange Server under Product Family). Exchange Online customers are already protected and do not need to take any action. These vulnerabilities affect on-premises Microsoft Exchange Server, including servers used by customers in Exchange Hybrid mode.
Although we are not aware of any active exploits in the wild, our recommendation is to install these updates immediately to protect your environment. The January 2022 security updates for Exchange Server address vulnerabilities responsibly reported by security partners and found through Microsoft’s internal processes. msp from elevated command prompt (see Known Issues in update KB article). IMPORTANT: If manually installing security updates, you must install. These updates are available for the following specific builds of Exchange Server: Microsoft has released security updates for vulnerabilities found in any version of: