This month, Microsoft has announced that no security updates are being released for any version of Exchange Server in November 2025. This includes all customers using Exchange Server SE as well as those with Extended Security Updates (ESU) for Exchange Server 2019 and 2016.
Microsoft reminds customers that although mainstream support for Exchange 2016 and 2019 has ended, organizations that have purchased ESUs will continue to receive monthly communications—even in months when no new security updates are being released. This policy will continue until the ESU program concludes in April 2026.
Key actions:
- If you have not upgraded, please continue planning your migration to Exchange Server SE to ensure long-term security and support.
- Stay tuned for future monthly announcements regarding security updates.
For more information and upgrade guidance, visit the official Microsoft Exchange Community blog.
Fortify Your Server with Messageware Security
Data breaches have increased by 72%, servers are compromised in under 90 minutes. Ensure you have multiple layers of security software protecting your Windows Servers.
Server Threat Guard (STG) for All Windows Servers: Next-gen server protection, providing detection, alerting, and response (MDR) to zero-day and server penetration cyber-attacks. No need to research complicated deployments and no learning curve to install and manage.
EPG Guard for Exchange Servers: Real-time security. Stop AD account lockouts, eliminate password attacks, intelligent GEO blocking, and prevent Exchange Server vulnerability probing.
Don’t leave your critical infrastructure vulnerable, be proactive and stay ahead of evolving threats.