Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Mondoo Vulnerability Intelligence
Search vulnerabilities and malicious packages across npm, PyPI, Go, GitHub Actions, VS Code, and more.
Search vulnerabilities and malicious packages across npm, PyPI, Go, GitHub Actions, VS Code, and more.
Description of the security update for Microsoft Exchange Server Subscription Edition RTM: December 9, 2025 (KB5071876)
Applies To
Exchange Server SE
This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures (CVE)
CVE-2025-64666 - Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2025-64667 - Microsoft Exchange Server Spoofing Vulnerability
Note: Please follow the instructions in the Microsoft Security Response Center (MSRC) article to address the vulnerability
To verify that that the installation is successful, and check whether any additional actions are required, run the Exchange Server Exchange Server Health Checker.
To enable Extended Protection on Exchange-based servers, see Extended Protection enabled in Exchange Server (KB5017260).
You can get the standalone update package through the Microsoft Download Center.
15.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.3515.2.2562.35