Microsoft have released the next CU for Exchange 2019 and this is CU8. As with Exchange 2016 CU19, there are a number of vulnerabilities and exposures fixed in CU8. It also includes nonsecurity issues that have also been fixed.
Here is the link to the full article:
There are a number of fixes in CU08 and they are listed below, the list is slightly longer than CU19 for Exchange 2016:
- 4588297 Attachments can’t be downloaded or previewed from Outlook Web App
- 4583531 Design change about inline images will be forced to download but not open in a new tab of OWA in Exchange Server 2019 and 2016
- 4583532 ELC MRM archiving fails due to DomainName in AuthServer in Exchange Server 2019 and 2016
- 4583533 Exchange Server 2019 or 2016 installation fails with error “The user has insufficient access rights”
- 4583534 Event ID 65535 System.Runtime.Serialization errors in Application log in Exchange Server 2019 or 2016
- 4583535 New-Moverequest, Resume-Moverequest, and Remove-Moverequest not logged in Audit logs in Exchange Server 2019 and 2016
- 4583536 Set-MailboxFolderPermission is included in Mail Recipient Creation in Exchange Server 2019 and 2016
- 4583537 Update Korean word breaker in Exchange Server 2019 and 2016
- 4583538 Microsoft Teams REST calls exceed the default value of maxQueryStringLength in Exchange Server 2019 and 2016
- 4583539 Non-breaking space is visible in message body in Outlook in Exchange Server 2019 and 2016
- 4583542 Server assisted search in Outlook doesn’t return more than 175 items in Exchange Server 2019
- 4583544 Lots of LDAP requests for FE MAPI w3wp lead to DDoS on DCs in Exchange Server 2019
- 4583545 Make DomainName in Authserver a multivalued parameter in Exchange Server 2019 and 2016
Take note, you can only download Exchange Server 2019 CU8 from the Volume License Center or from the Visual Studio MSDN section.
As mentioned with the Exchange 2016 CU19 article, test this in your lab before rolling it out to your production servers.
Hope it helps.