Important: This regularly scheduled cumulative update contains all the security fixes of the security updates in February and previous security updates.

This update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE):

Issues that this cumulative update fixes

This cumulative update also fixes the issues that are described in the following Microsoft Knowledge Base articles:

  • 5035439 BlockModernAuth does not respond in AuthenticationPolicy 

  • 5035442 Exchange Mitigation Service does not log incremental updates

  • 5035443 Read receipts are returned if ActiveSyncSuppressReadReceipt is "True" in Exchange Server 2019

  • 5035444 System.argumentnullexception when you try to run an eDiscovery search

  • 5035446 OAB shadow distribution fails if legacy authorization is blocked

  • 5035448 MCDB fails and leads to lagged copy activation

  • 5035450 Exchange 2019 setup installs a outdated JQuery library

  • 5035452 Usernames are not displayed in Event ID 23 and 258 

  • 5035453 Issues in Exchange or Teams when you try to delegate information

  • 5035455 MSExchangeIS stops responding and returns "System.NullReferenceExceptions" multiple times per day

  • 5035456 "Deserialization blocked at location HaRpcError" error and Exchange replication stops responding

  • 5035493 FIP-FS Proxy Customizations are disabled after a CU or an SU update

  • 5035494 Modern attachment doesn't work when web proxy is used in Exchange Server 2019

  • 5035495 OWA displays junk operations even if junk mail reporting is disabled

  • 5035497 Edit permissions option in the ECP can't be edited

  • 5035542 Remote equipment and room mailboxes can now be managed through EAC 

  • 5035616 Logon events failure after updating Windows Server

  • 5035617 Transport rules aren't applied to multipart or alternative messages

  • 5035689 "High %Time in GC" and EWS doesn't respond

Known issues in this cumulative update

  • When Setup.exe is used to run /PrepareAD, /PrepareSchema or /PrepareDomain, the installer reports that Extended Protection was configured by the installer, and it displays the following error message: 

    Exchange Setup has enabled Extended Protection on all the virtual directories on this machine. 

  • RecoverServer fails and returns multiple "Cannot convert null to type" error messages. For more information and a workaround, see "Cannot convert null to type" error and Exchange 2019 CU14 RecoverServer fails.

Get Cumulative Update 14 for Exchange Server 2019

Method 1: Volume Licensing Center

  • To get Cumulative Update 14 for Exchange Server 2019, go to Microsoft Volume Licensing Center.Note: The Cumulative Update 14 package can be used to run a new installation of Exchange Server  2019 or to upgrade an existing Exchange Server 2019 installation to Cumulative Update 14.

Method 2: Microsoft Download Center

  • You can get the standalone update package through the Microsoft Download Center. Microsoft Exchange Server 2019 Cumulative Update 14 - Download the package now

File information

File hash information

File name

SHA256 hash

ExchangeServer2019-x64-cu14.iso

5A645313CF9662A12A32B48D0DE1BFDE70D93B61BD849059E1A9F27CC6ECA981

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.