Description of the security update for Microsoft Exchange Server 2019 and 2016: February 11, 2020

Applies to: Exchange Server 2016Exchange Server 2019

This update rollup is a security update that resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):

Known issues in this security update


  • When you try to manually install this security update by double-clicking the update file (.msp) to run it in Normal mode (that is, not as an administrator), some files are not correctly updated.

    When this issue occurs, you don’t receive an error message or any indication that the security update was not correctly installed. However, Outlook Web Access (OWA) and the Exchange Control Panel (ECP) may stop working.

    This issue occurs on servers that are using user account control (UAC). The issue occurs because the security update doesn’t correctly stop certain Exchange-related services.

    To avoid this issue, follow these steps to manually install this security update:

    1. Select Start, and type cmd.
    2. In the results, right-click Command Prompt, and then select Run as administrator.
    3. If the User Account Control dialog box appears, verify that the default action is the action that you want, and then select Continue.
    4. Type the full path of the .msp file, and then press Enter.

    This issue does not occur when you install the update through Microsoft Update.

  • Exchange services may remain in a disabled state after you install this security update. This condition does not indicate that the update is not installed correctly. This condition may occur if the service control scripts experience a problem when they try to return Exchange services to their usual state.

    To fix this issue, use Services Manager to restore the startup type to Automatic, and then start the affected Exchange services manually. To avoid this issue, run the security update at an elevated command prompt. For more information about how to open an elevated Command Prompt window, see Start a Command Prompt as an Administrator.

How to get and install the update


Method 1: Microsoft Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.

Method 2: Microsoft Update Catalog

To get the standalone package for this update, go to the Microsoft Update Catalog website.

Method 3: Microsoft Download Center

You can get the standalone update package through the Microsoft Download Center.

More information


Security update deployment information

For deployment information about this update, see security update deployment information: February 11, 2020

Security update replacement information

This security update replaces the following previously released updates:

File information


File hash information

Update name File name SHA1 hash SHA256 hash
Exchange Server 2019 Cumulative Update 4 Exchange2019-KB4536987-x64-en.msp F040FFC72F38658BC9B77DF8E368698B70CB825C 774A68E5B4462A6807B34AACD1ABE36901A31C6B1C7AD0270225A2C0C62B2478
Exchange Server 2019 Cumulative Update 3 Exchange2019-KB4536987-x64-en.msp F936D367F8AD3F8965BFDDB61FFCFF3BFC107013 78851F1ECD036A768181F9938CF9CFF79FE3D0BD45A4132A22C3587B7D9379C2
Exchange Server 2016 Cumulative Update 15 Exchange2016-KB4536987-x64-en.msp 864C4A38668A914A4F75DDF679555CFB8F0D4065 6DC7F1CEBCDBCA95FE33C2168426B0AC8BD14F31079B12C759A68F35F6FC3352
Exchange Server 2016 Cumulative Update 14 Exchange2016-KB4536987-x64-en.msp 68E8E81FB24045AE4EA18862B744BCF5A2CCAE6E 68D642697F7BE93E5070DB0B198918C43D6B05BA7FC62D2322A2C6FE8BB9D171

Exchange server file information

The English (United States) version of this update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.

Information about protection and security


Protect yourself online: Windows Security support

Learn how we guard against cyber threats: Microsoft Security