Microsoft Releases Final Exchange Server 2019 Update with New Features and Security Enhancements

Microsoft has announced the release of the 2025 H2 Cumulative Update (CU15) for Exchange Server 2019. This is the final major update before this Exchange Server version reaches its end-of-support deadline in October 2025.

Microsoft emphasized that CU15 includes new features, security enhancements, bug fixes, and all previous Security Updates (SUs). Previously, administrators had to test Exchange Server updates in a separate environment before deploying them in production. However, not all organizations have test environments, and this process can delay the rollout of critical updates.

The latest cumulative update introduces server-side support for Feature Flighting, a new capability that will be available in the Exchange Server Subscription Edition. This feature allows administrators to test and gradually roll out new updates within their organizations. Feature Flighting is designed as an optional cloud-based service for on-premises Exchange customers. It uses the Office Config Service (OCS) to connect to Microsoft’s servers and retrieve information about new features and updates.

“With Feature Flighting, admins can deploy updates immediately and control when a flighted feature is enabled in their environment. Feature Flighting also enables Microsoft to disable a flighted feature in case a significant issue is discovered after the update containing the flighted feature was released,” the Exchange team explained.

Microsoft notes that Feature Flighting is enabled by default for Exchange Server customers. Administrators will be able to configure or disable this capability by following the steps mentioned on this support page.

Support for Windows Server 2025

Starting with CU15, IT admins can install and run Exchange Server 2019 on Windows Server 2025 machines. Exchange Server 2019 will also be compatible with the new Windows Server 2025. This release will enable customers to install CU14 or CU15 on new hardware running Windows Server 2025 and then perform an in-place upgrade to Exchange Server Subscription Edition (SE).

Partial TLS 1.3 support

The latest Exchange Server 2019 cumulative update introduces TLS 1.3 support for Windows Server 2022 and later. This applies to all communication protocols except SMTP, which is widely used for sending emails. TLS 1.3 is enabled by default for Exchange Server 2019 customers, and Microsoft plans to extend support to SMTP in future updates.

Other improvements and changes

This release also brings an improved Exchange Server AMSI integration that was previously announced in November 2024. Moreover, CU15 reintroduces the ability to manage certificates directly within the Exchange Admin Center. Organizations will no longer be able to install the latest cumulative update on servers running Exchange 2013. Administrators will need to decommission and uninstall Exchange 2013 servers before CU15 can be installed.

Microsoft is also reminding customers that Extended Protection is enabled by default after CU is installed. This security feature is designed to enhance the protection against certain types of attacks, like man-in-the-middle attacks.

Microsoft previously announced that CU15 will bring support for Exchange Server SE product keys. The company has decided to delay this change until the release of Exchange Server SE CU1. Consequently, Exchange Server SE RTM is intended to accept Exchange 2019 product keys. This means that IT admins will no longer need to upgrade their servers to use an Exchange Server SE product key until the release of Exchange Server SE CU1.

Lastly, Microsoft notes that some planned changes to prerequisites and setup dependencies, like updating to a new version of the VC++ redistributable, have been postponed. This helps ensure a smoother and less complicated upgrade experience for enterprise customers.

Microsoft recommends customers to first upgrade from Exchange Server 2016 to Exchange Server 2019, and then perform an in-place upgrade to Exchange Server SE RTM once it becomes available. Organizations will also be able to perform a legacy upgrade directly from Exchange Server 2016 CU23 to Exchange Server SE RTM.