The Exchange Team released Exchange Server 2019 Cumulative Update H1 2025, or CU15, almost one year after CU14. CU15 will also be the last CU for Exchange 2019, which will become end-of-life in October this year. Customers staying on-premises are recommended to use the remaining time this year to upgrade to this CU level to have a smooth transition to Exchange Server Subscription Edition (SE) later this year. The official announcement can be found here.
Features
Apart from fixes and updates, including those from the security update of November (e.g. AMSI changes), this Cumulative Update for Exchange 2019 introduces some feature changes:
- Exchange 2019 CU15 and CU14 are now supported on Windows Server 2025. This includes environments running domain controllers running Windows Server 2025. This allows organizations to consider using Windows Server 2025, not having to look at migrations because of the underlying operating system when Exchange SE. Note that Windows Server 2025 is not currently a supported Forest Functional Level.
- As announced in the roadmap article, the CU15 setup contains an Exchange 2013 coexistence block, preventing it from being deployed in organizations running Exchange 2013. The consequence is that when you are still on Exchange 2013, you might need to migrate to CU14 first (it can be on WS2025). After that, you can upgrade those CU14 servers to CU15 after decommissioning Exchange 2013 servers.
- Certificate Management has returned to the Exchange Admin Center.
- Partial TLS 1.3 support on Windows Server 2022 and later. TLS 1.3 is supported for all protocols except SMTP; SMTP support is expected in a future update. Deploying CU15 on Windows Server 2022 or later will enable TLS 1.3 by default; disable it when needed per these instructions.
- DocParser replaces Oracle Outside In Technology (OIT). This library extracts text from emails during transport for purposes of Data Loss Prevention and Exchange Transport Rules.
- Feature Flighting is a server-side component allowing selected changes to be deployed and managed through deployment rings. This resembles how updates can be managed for other products, such as Microsoft Office or Windows. Note that CU15 just introduced the Feature Flighting engine with a PING feature for testing purposes. No features are being flighted until after Exchange SE, which aligns with the promise of Exchange 2019 CU15 running the same code as Exchange SE. Feature Flighting is optional and can be disabled when needed. When diagnostics data collection is enabled, additional data related to Feature Flighting will be included.
- Exchange SE will support Exchange 2019 product keys. Previously, it was announced that CU15 would accept SE product keys. This dependency order was changed to ease the migration path. New keys are now only required per Exchange SE CU1.
Download
Below is the link to the update. The columns Schema and AD indicate whether the CU contains changes to Schema (/PrepareSchema) and Active Directory (PrepareAD) compared to the previous CU. Refer to the Exchange Schema page for schema and related versioning information.
Fixes
- 5047359 Clean up old Exchange OWA files automatically to free up disk space
- 5047361 Inline images and text attachments are not visible in OWA
- 5047402 Online Archiving bypasses the InternetWebProxy setting in Exchange 2019
- 5047995 MFNs are not sent to remote domains
- 5047997 Wrong server version displayed in POP and IMAP logoff strings
- 5048017 RecoverServer operation fails in Exchange Server 2019
- 5048019 “NullReferenceException” error and Managed Store stops responding
- 5048020 Calendar print doesn’t work in OWA from Exchange 2019 CU14 onwards
- 5048021 HTML message is corrupted if <"e;> is included
- 5048072 “Enabled Extended Protection” message when you run setup with prepare* command
- 5047994 German umlauts in the Subject are replaced by a question mark
- 5047358 Group Metrics generation doesn’t finish in multidomain environment
Notes
- If Cumulative Updates contain schema changes compared to the Cumulative Update you currently have deployed, you need to run Setup with /PrepareSchema. If they contain Active Directory changes, you need to run /PrepareAD. Alternatively, permissions permitting, you can let Setup perform this step. Consult the Exchange schema versions page for schema and related versioning information.
- When upgrading from an n-2 or earlier version of Exchange or an early version of the .NET Framework, consult Upgrade Paths for CU’s & .NET.
- Remember to put the Exchange server in maintenance mode prior to updating. Regardless, setup will put the server in server-wide offline mode post-analysis before making actual changes.
- When using Exchange hybrid deployments or Exchange Online Archiving (EOA), support requires you to trail at most one version (n-1).
- Ensure the Windows PowerShell Script Execution Policy is set to Unrestricted during deployment. This to prevent installation failures due to the inability to validate script signatures.
- To speed up the system update process without internet access, you can follow the procedure described here to disable the publisher’s certificate revocation checking.
- Cumulative Updates can be installed directly; no need to install RTM before installing Cumulative Updates.
- Once upgraded, you can’t uninstall a Cumulative Update or any of the installed Exchange server roles.
- The recommended upgrade order is internet-facing, non-internet-facing servers first, followed by Edge Transports.
Caution
As for any updates, I recommend thoroughly testing updates in a test environment before implementing them in production. When you lack such facilities, hold out a few days and monitor the comments on the original publication or forums for any issues.