informa
1 min read
article

Microsoft Simplifies Security Patching Process for Exchange Server

Delivering hotfixes and system updates separately will allow manual patching without requiring elevated permissions, Microsoft said.

In a move to ease the process of applying security updates to Exchange Server and help ensure the servers get patched, Microsoft has kicked off new security update packaging for the software.

Previously, elevated admin permissions were required to both update the application as well as install the most urgent "hotfix." The result, according to a new Microsoft Exchange security team blog post, have been servers being left unpatched. 

Moving forward, Exchange server updates will be sent in two packages — one Windows installer patch file (.msp) for automated updates and another (.exe) installer for manual updates. 

"The EXE package is a wrapper for the .msp file that ensures the installation runs with the required permissions," the Exchange security team added. "To install the update, simply double-click the .exe file and follow the instructions. The installation process checks permission prerequisites and if the check fails, it will try to elevate the permissions to the required admin level."