Description of the security update for Microsoft Exchange Server 2019 CU15: October 14, 2025 (KB5066367)

Applies To
Exchange Server 2019

Original article content

This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE)

Note

Please follow the instructions in the Microsoft Security Response Center (MSRC) article to address the vulnerability.

Issues that are fixed in this update

Exchange Server Health Checker

To verify that that the installation is successful, and check whether any additional actions are required, run the Exchange Server Exchange Server Health Checker.

Enabling Extended Protection in Exchange Server

To enable Extended Protection on Exchange-based servers, see Extended Protection enabled in Exchange Server (KB5017260).

How to get and install the update

Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center.

More information

Security update deployment information

For deployment information about this update, see Deployments - Security Update Guide.

Security update replacement information

This security update replaces the following previously released updates:

File information

File hash information

Update Name File name SHA256 hash
Exchange Server 2019 Cumulative Update 15 SU5 Exchange2019-KB5066367-x64-en.exe 8434C3F2752673BD48977CC3F2CD057E1F3CB86CB21D42382A8B5DB9CE589222

Hashes for additional languages

The hash tables for additional languages are available here:

Exchange Server file information

The English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

More information

For more information about the deployment of Exchange Server SE, see Release notes for Exchange Server SE.
For more information about the coexistence of Exchange Server SE and earlier versions of Exchange Server in the same environment, see Exchange Server SE system requirements.

For more information about other Exchange updates, see Exchange Server Updates: Build numbers and release dates.

Information about protection and security

Protect yourself online: Windows Security support

Learn how we guard against cyber threats: Microsoft Security