Cumulative Update 22 for Exchange Server 2013

Applies to: Exchange Server 2013

Cumulative Update 22 for Microsoft Exchange Server 2013 was released on February 12, 2019. This cumulative update is a security update. This cumulative update includes fixes for nonsecurity issues and all previously released fixes for security and nonsecurity issues. These fixes will also be included in later cumulative updates for Exchange Server 2013. This update provides a security advisory in Microsoft Exchange. For more information, see Security Advisory ADV190004 for. It also resolves some vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2019-0686 and Microsoft Common Vulnerabilities and Exposures CVE-2019-0724.

This update also includes new daylight saving time (DST) updates for Exchange Server 2013. For more information about DST, see Daylight Saving Time Help and Support Center.

Known issues in this cumulative update

In multidomain Active Directory forests in which Exchange is installed or has been prepared previously by using the /PrepareDomain option in SETUP, this action must be completed after the /PrepareAD command for this cumulative update has been completed and the changes are replicated to all domains. Setup will try to execute the /PrepareAD command during the first server installation. Installation will finish only if the user who initiated SETUP has the appropriate permissions.

Issues that this cumulative update fixes

This cumulative update fixes the issues that are described in the following Microsoft Knowledge Base articles:

  • 4487603 "The action cannot be completed" error when you select many recipients in the Address Book of Outlook in Exchange Server 2013
  • 4490060 Exchange Web Services Push Notifications can be used to gain unauthorized access
  • 4490059 Reducing permissions required to run Exchange Server using Shared Permissions Model

Get Cumulative Update 22 for Exchange Server 2013

Download Center

Download Download Cumulative Update 22 for Exchange Server 2013 (KB4345836) now.

Download Download Exchange Server 2013 CU22 UM Language Packs now.


  • The Cumulative Update 22 package can be used to run a new installation of Exchange Server 2013 or to upgrade an existing Exchange Server 2013 installation to Cumulative Update 22.
  • You do not have to install any previously released Exchange Server 2013 cumulative updates or service packs that were released before Cumulative Update 22 before you install Cumulative Update 22.

Cumulative update information


This cumulative update requires Microsoft .NET Framework 4.7.1.

A component that's used within Exchange requires a new Visual C++ prerequisite to be installed with Exchange Server. The prerequisite can be downloaded at Visual C++ Redistributable Packages for Visual Studio 2013. For more information, see KB 4295081.

The setup process for Exchange Server 2013 identifies any missing prerequisites. For more information about the prerequisites for the setup of Exchange Server 2013, see Exchange 2013 prerequisites.

Security update deployment information

For deployment information about this update, see security update deployment information: February 12, 2019

Restart requirement

You may have to restart the computer after you apply this cumulative update package.

Registry information

You do not have to make any changes to the registry after you apply this cumulative update package.

Removal information

After you install this cumulative update package, you can't uninstall the package to revert to an earlier version of Exchange Server 2013. If you uninstall this cumulative update package, Exchange Server 2013 is removed from the server.

More Information

For more information about the deployment of Exchange Server 2013, see Release Notes for Exchange 2013.

For more information about the coexistence of Exchange Server 2013 and earlier versions of Exchange Server in the same environment, see Exchange 2013 System Requirements.

For more information about other Exchange updates, see Exchange Server Updates: Build numbers and release dates.

File Information

File hash information

File name SHA1 hash SHA256 hash
Exchange2013-x64-cu22.exe 2C2BD3A34437D93901BFFA8E5C3A252F391703B5 A91D853A5A449391DD4436F09B5F1686FEBEC769279375F886CA252ADE75C872


Exchange server file information

Download the list of files that are included in this security update KB 4345836.


Learn about the terminology that Microsoft uses to describe software updates.

How to get help and support for this security update

Help for installing updates: Protect yourself online

Help for protecting your Windows-based computer from viruses and malware: Microsoft Security

Local support according to your country: International Support